Certified in Risk and Information Systems Control (CRISC) — Question 1038
Which of the following should be the PRIMARY objective of promoting a risk-aware culture within an organization?
Answer options
- A. Enabling risk-based decision making
- B. Increasing process control efficiencies
- C. Better understanding of the risk appetite
- D. Improving audit results
Correct answer: A
Explanation
The primary objective of promoting a risk-aware culture is to enable risk-based decision making, which allows organizations to make informed choices regarding potential risks. While increasing process control efficiencies, understanding risk appetite, and improving audit results are important, they are secondary to fostering an environment where decisions are made with a clear understanding of risks.