Certified in Risk and Information Systems Control (CRISC) — Question 409

The BEST reason to classify IT assets during a risk assessment is to determine the:

Answer options

• A. appropriate level of protection
• B. enterprise risk profile
• C. priority in the risk register
• D. business process owner

Correct answer: A

Explanation

Classifying IT assets helps in identifying the appropriate level of protection needed for each asset based on its value and risk exposure. The other options, while relevant to risk assessments, do not directly relate to the main intent of asset classification, which is to ensure adequate protection measures are implemented.