Certified Information Systems Auditor (CISA) — Question 1169

Which of the following is MOST likely to be reduced when implementing optimal risk management strategies?

Answer options

• A. Inherent risk
• B. Residual risk
• C. Sampling risk
• D. Detection risk

Correct answer: B

Explanation

The correct answer is B, Residual risk, because optimal risk management strategies aim to minimize the risks that remain after controls have been applied. Inherent risk refers to the natural level of risk before any management strategies, and it is not necessarily reduced by implementing risk management. Sampling risk and detection risk are related to statistical and audit processes, respectively, and are not directly impacted by overall risk management strategies.