Certified in Risk and Information Systems Control (CRISC) — Question 283

Several network user accounts were recently created without the required management approvals. Which of the following would be the risk practitioner's BEST recommendation to address this situation?

Answer options

• A. Investigate the root cause of noncompliance.
• B. Declare a security breach and inform management.
• C. Develop incident response procedure for noncompliance.
• D. Conduct a comprehensive compliance review.

Correct answer: A

Explanation

The best recommendation is to investigate the root cause of noncompliance, as understanding why the accounts were created without approvals is essential for preventing future occurrences. Declaring a security breach may not be warranted if no data was compromised, while developing an incident response procedure and conducting a compliance review are reactive measures that do not address the underlying issue directly.