Certified in Risk and Information Systems Control (CRISC) — Question 1249

Which of the following is the BEST way to help ensure risk will be managed properly after a business process has been re-engineered?

Answer options

• A. Reassessing control effectiveness of the process
• B. Reporting key performance indicators (KPIs) for core processes
• C. Conducting a post-implementation review to determine lessons learned
• D. Establishing escalation procedures for anomaly events

Correct answer: A

Explanation

Reassessing control effectiveness of the process is crucial because it directly evaluates whether the new controls are adequate to manage risks post-re-engineering. The other options, while valuable, do not specifically focus on evaluating and ensuring the effectiveness of risk controls, which is essential for effective risk management.