Certified in Risk and Information Systems Control (CRISC) — Question 442

Which of the following is MOST important for an organization to consider when developing its IT strategy?

Answer options

• A. The organization's risk appetite statement
• B. Legal and regulatory requirements
• C. IT goals and objectives
• D. Organizational goals and objectives

Correct answer: D

Explanation

The correct answer is D because aligning IT strategy with organizational goals ensures that IT initiatives support the broader objectives of the organization. While risk appetite, legal requirements, and IT goals are important, they should all be considered in light of the overall direction and priorities of the organization.