Certified in Risk and Information Systems Control (CRISC) — Question 388

An organization has initiated quarterly briefings for executive management with a focus on increasing risk awareness. Which of the following is MOST relevant to include in this briefing?

Answer options

• A. The risk register
• B. Risk management best practices
• C. Updates to security policies
• D. Recent security incidents

Correct answer: A

Explanation

The risk register is the most relevant document to include as it provides a comprehensive overview of identified risks, their assessment, and mitigation strategies. While risk management best practices, security policy updates, and recent incidents are important, they do not offer the same level of systematic insight into the organization's current risk landscape as the risk register does.