Certified in Risk and Information Systems Control (CRISC) — Question 886

Which of the following is the PRIMARY objective of engaging key stakeholders in the IT risk assessment process?

Answer options

• A. Increasing the quality of analysis
• B. Ensuring proper budget allocation for risk remediation
• C. Building a risk aware culture
• D. Reducing the time required for risk analysis

Correct answer: C

Explanation

The correct answer is C, as engaging stakeholders is crucial for creating a culture that recognizes and prioritizes risk management. While increasing analysis quality, ensuring budget allocation, and reducing time are important, they are secondary to establishing a risk-aware culture, which is essential for effective risk management.