Certified in Risk and Information Systems Control (CRISC) — Question 150

Which of the following would BEST help to ensure that identified risk is efficiently managed?

Answer options

• A. Reviewing the maturity of the control environment
• B. Maintaining a key risk indicator for each asset in the risk register
• C. Regularly monitoring the project plan
• D. Periodically reviewing controls per the risk treatment plan

Correct answer: D

Explanation

The correct answer, D, is crucial because it focuses on reviewing controls as outlined in the risk treatment plan, ensuring that risk management strategies remain effective. Options A and B, while important, do not directly address the ongoing management of identified risks, and option C is more about project management than risk management.