Certified in Risk and Information Systems Control (CRISC) — Question 27

A data processing center operates in a jurisdiction where new regulations have significantly increased penalties for data breaches. Which of the following elements of the risk register is MOST important to update to reflect this change?

Answer options

• A. Risk impact
• B. Risk trend
• C. Risk appetite
• D. Risk likelihood

Correct answer: A

Explanation

The correct answer is A, as the risk impact must be adjusted to reflect the increased penalties from data breaches, which directly affects the potential consequences of such events. The other options, while relevant to risk management, do not directly relate to the change in regulatory environment and its impact on potential financial and operational repercussions.