Certified in Risk and Information Systems Control (CRISC) — Question 776

While reviewing an organization's monthly change management metrics, a risk practitioner notes that the number of emergency changes has increased substantially. Which of the following would be the BEST approach for the risk practitioner to take?

Answer options

• A. Temporarily suspend emergency changes.
• B. Continue monitoring change management metrics.
• C. Conduct a root cause analysis.
• D. Document the control deficiency in the risk register.

Correct answer: C

Explanation

Conducting a root cause analysis (C) is the best approach as it helps identify underlying issues contributing to the increase in emergency changes. Temporarily suspending emergency changes (A) may disrupt necessary operations without addressing the root cause. Continuing to monitor metrics (B) does not provide actionable insights, and simply documenting a deficiency (D) does not resolve the issue.