Certified in Risk and Information Systems Control (CRISC) — Question 420
For a large software development project, risk assessments are MOST effective when performed:
Answer options
- A. during the development of the business case
- B. at each stage of the system development life cycle (SDLC)
- C. at system development
- D. before system development begins
Correct answer: B
Explanation
The correct answer is B because conducting risk assessments at each stage of the SDLC allows for ongoing identification and management of risks as the project evolves. The other options are less effective since assessing risks only during the business case or before development begins does not address risks that may arise during the project.