Certified in Risk and Information Systems Control (CRISC) — Question 208

Which of the following BEST enables the risk profile to serve as an effective resource to support business objectives?

Answer options

• A. Updating the risk profile with risk assessment results.
• B. Assigning quantitative values to qualitative metrics in the risk register.
• C. Engaging external risk professionals to periodically review the risk.
• D. Prioritizing global standards over local requirements in the risk profile.

Correct answer: A

Explanation

The correct answer, A, is right because updating the risk profile with current risk assessment results ensures it reflects the latest threats and vulnerabilities, aligning it with business objectives. Options B, C, and D, while potentially useful, do not directly enhance the risk profile's effectiveness in supporting business goals as much as keeping it current with assessments does.