Certified in Risk and Information Systems Control (CRISC) — Question 734

IT risk assessments can BEST be used by management:

Answer options

• A. to measure organizational success.
• B. as input for decision-making.
• C. as a basis for cost-benefit analysis.
• D. for compliance with laws and regulations.

Correct answer: B

Explanation

The correct answer is B because IT risk assessments provide critical insights that aid management in making informed decisions. While options A, C, and D may have some relevance, they do not directly emphasize the role of risk assessments in the decision-making process.