Certified in Risk and Information Systems Control (CRISC) — Question 176

The PRIMARY benefit of conducting continuous monitoring of access controls is the ability to identify.

Answer options

• A. possible noncompliant activities that lead to data disclosure
• B. leading or lagging key risk indicators (KRIs)
• C. inconsistencies between security policies and procedures
• D. unknown threats to undermine existing access controls

Correct answer: A

Explanation

The correct answer, A, highlights the primary focus of continuous monitoring, which is to detect noncompliant activities that may lead to data exposure. Options B, C, and D, while relevant to security, do not directly address the primary benefit of identifying noncompliance through constant oversight of access controls.