Certified in Risk and Information Systems Control (CRISC) — Question 1450

Which of the following BEST contributes to the implementation of an effective risk response action plan?

Answer options

• A. A business impact analysis.
• B. An IT tactical plan.
• C. Disaster recovery and continuity testing.
• D. Assigned roles and responsibilities.

Correct answer: B

Explanation

An IT tactical plan is critical as it outlines the specific steps and strategies necessary to address risks effectively. While a business impact analysis, disaster recovery testing, and assigned roles are important components in risk management, they primarily support the implementation of the tactical plan rather than drive it.