Certified in Risk and Information Systems Control (CRISC) — Question 780

An organization has detected unauthorized logins to its client database servers. Which of the following should be of GREATEST concern?

Answer options

• A. Potential increase in regulatory scrutiny
• B. Potential theft of personal information
• C. Potential legal risk
• D. Potential system downtime

Correct answer: B

Explanation

The greatest concern in this scenario is the potential theft of personal information, as it poses a direct risk to individuals' privacy and can lead to identity theft. While regulatory scrutiny, legal risks, and system downtime are important, they are secondary to the immediate threat of compromised personal data.