Certified in Risk and Information Systems Control (CRISC) — Question 1155
An organization has established workflows in its service desk to support employee reports of security-related concerns. Which of the following is the MOST efficient approach to analyze these concerns?
Answer options
- A. Sort concerns by likelihood.
- B. Align concerns to key vendors.
- C. Prioritize concerns based on frequency of reports.
- D. Map concerns to organizational assets.
Correct answer: C
Explanation
Prioritizing concerns based on frequency of reports allows the organization to focus on the most common issues, which are likely to impact more employees. Sorting by likelihood, aligning to vendors, or mapping to assets may not address the most pressing concerns effectively, as they do not consider the volume of reports which indicates urgency.