Certified in Risk and Information Systems Control (CRISC) — Question 269

When updating the risk register after a risk assessment, which of the following is MOST important to include?

Answer options

• A. Actor and threat type of the risk scenario
• B. Historical losses due to past risk events
• C. Cost to reduce the impact and likelihood
• D. Likelihood and impact of the risk scenario

Correct answer: D

Explanation

The likelihood and impact of the risk scenario are essential for understanding the severity and probability of risks, which helps prioritize risk management efforts. While the other options provide valuable context, they do not directly inform the assessment of current risks as effectively as likelihood and impact do.