Certified in Risk and Information Systems Control (CRISC) — Question 407

Which of the following is the MOST important reason for a risk practitioner to identify stakeholders for each IT risk scenario?

Answer options

• A. To ensure enterprise-wide risk management
• B. To identity key risk indicators (KRIs)
• C. To enable a comprehensive view of risk
• D. To establish control ownership

Correct answer: C

Explanation

Identifying stakeholders is crucial for enabling a comprehensive view of risk because it helps in understanding different perspectives and the impact of risks across the organization. While ensuring enterprise-wide risk management, identifying key risk indicators, and establishing control ownership are important, they do not provide as holistic an understanding of risk as recognizing stakeholders does.