Certified in Risk and Information Systems Control (CRISC) — Question 1188

To enable effective integration of IT risk scenarios and enterprise risk management (ERM), it is MOST important to have a consistent approach to reporting:

Answer options

• A. key risk indicators (KRIs).
• B. risk velocity.
• C. risk impact and likelihood.
• D. risk response plans and owners.

Correct answer: C

Explanation

The correct answer is C because having a consistent method for reporting risk impact and likelihood allows for better alignment with enterprise risk management practices. Options A, B, and D, while relevant to risk management, do not provide the fundamental linkage needed for effective integration with ERM.