Certified in Risk and Information Systems Control (CRISC) — Question 1018

Which of the following BEST enables risk mitigation associated with software licensing noncompliance?

Answer options

• A. Perform automated vulnerability scans.
• B. Conduct annual reviews of license expiration dates.
• C. Implement automated IT asset management controls
• D. Document IT inventory management procedures.

Correct answer: C

Explanation

Implementing automated IT asset management controls ensures that all software licenses are tracked and managed effectively, reducing the risk of noncompliance. While conducting annual reviews and documenting procedures are helpful practices, they do not provide the same level of proactive management as automation does. Automated vulnerability scans focus more on security risks rather than licensing compliance.