Certified in Risk and Information Systems Control (CRISC) — Question 825

Which of the following is the GREATEST critical success factor (CSF) of an IT risk management program?

Answer options

• A. Identifying enterprise risk events
• B. Conducting focus group meetings with key stakeholders
• C. Aligning with business objectives
• D. Identifying IT risk scenarios

Correct answer: C

Explanation

The correct answer is C because aligning with business objectives ensures that the IT risk management program supports the overall goals of the organization, making it more effective. While identifying risk events, conducting meetings, and recognizing risk scenarios are important, they do not carry the same weight in terms of strategic alignment and overall success.