Certified in Risk and Information Systems Control (CRISC) — Question 67

The PRIMARY advantage of implementing an IT risk management framework is the:

Answer options

• A. alignment of business goals with IT objectives
• B. improvement of controls within the organization and minimized losses
• C. compliance with relevant legal and regulatory requirements
• D. establishment of a reliable basis for risk-aware decision making

Correct answer: D

Explanation

The correct answer, D, emphasizes how an IT risk management framework provides a structured approach for making decisions that consider risk factors, enhancing overall decision quality. Options A, B, and C, while important aspects of IT management, do not specifically address the framework's primary focus on informed decision-making related to risk.