Certified in Risk and Information Systems Control (CRISC) — Question 47

To effectively support business decisions, an IT risk register MUST:

Answer options

• A. reflect the results of risk assessments.
• B. effectively support a business maturity model.
• C. be available to operational risk groups.
• D. be reviewed by the IT steering committee.

Correct answer: A

Explanation

The correct answer is A because a risk register must accurately display the findings from risk assessments to inform decision-making effectively. Options B, C, and D are not essential requirements for the risk register's primary function in supporting business decisions.