Certified in Risk and Information Systems Control (CRISC) — Question 325

Participants in a risk workshop have become focused on the financial cost to mitigate risk rather than choosing the most appropriate response. Which of the following is the BEST way to address this type of issue in the long term?

Answer options

• A. Review the risk register and risk scenarios
• B. Calculate annualized loss expectancy of risk scenarios
• C. Raise the maturity of organizational risk management
• D. Perform a return on investment analysis

Correct answer: C

Explanation

The correct answer is C because raising the maturity of organizational risk management helps to create a more comprehensive approach towards risk that balances cost with effective responses. The other options, while useful, do not address the underlying issue of decision-making processes and priorities in risk management.