Certified in Risk and Information Systems Control (CRISC) — Question 510

Which of the following is the PRIMARY responsibility of the first line of defense related to computer-enabled fraud?

Answer options

• A. Ensuring that risk and control assessments consider fraud
• B. Implementing processes to detect and deter fraud
• C. Providing oversight of risk management processes
• D. Monitoring the results of actions taken to mitigate fraud

Correct answer: B

Explanation

The correct answer is B because the first line of defense is primarily tasked with implementing processes that actively identify and prevent fraud. Options A, C, and D focus on assessments, oversight, and monitoring, which are secondary responsibilities that support the primary function of detecting and deterring fraud.