Certified in Risk and Information Systems Control (CRISC) — Question 609

Which of the following is the BEST course of action when an organization wants to reduce likelihood in order to reduce a risk level?

Answer options

• A. Implement preventive measures.
• B. Transfer the risk.
• C. Implement detective controls.
• D. Monitor risk controls.

Correct answer: A

Explanation

The best course of action to reduce the likelihood of a risk is to implement preventive measures, as these actively work to stop the risk from occurring. Transferring the risk shifts the responsibility but does not reduce its likelihood, while detective controls only identify risks that have already occurred, and monitoring risk controls does not actively reduce risk likelihood.