Certified in Risk and Information Systems Control (CRISC) — Question 838

Which of the following will BEST help to ensure the continued effectiveness of the IT risk management function within an organization experiencing high employee turnover?

Answer options

• A. Change and release management
• B. Well documented policies and procedures
• C. Risk and issue tracking
• D. An IT strategy committee

Correct answer: B

Explanation

Having well documented policies and procedures is crucial for ensuring that the IT risk management function remains effective, especially during high employee turnover, as it provides a clear framework for new employees to follow. The other options, while important, do not directly address the continuity of risk management practices in the face of personnel changes.