Certified in Risk and Information Systems Control (CRISC) — Question 1110

Which of the following is MOST helpful to review when assessing the risk exposure associated with ransomware?

Answer options

• A. Potentially impacted business processes
• B. Recent changes in the environment
• C. Key performance indicators (KPIs)
• D. Suspected phishing events

Correct answer: A

Explanation

Reviewing potentially impacted business processes is crucial as it helps identify which operations may be disrupted by ransomware, thereby highlighting the risk exposure. While recent changes, KPIs, and phishing events are also relevant, they do not directly assess the core business functions that ransomware could affect.