Certified in Risk and Information Systems Control (CRISC) — Question 897
From a risk management perspective, which of the following is the PRIMARY purpose of conducting a root cause analysis following an incident?
Answer options
- A. To satisfy senior management expectations for incident response
- B. To reduce incident response times defined in service level agreements (SLAs)
- C. To minimize the likelihood of future occurrences
- D. To ensure risk has been reduced to acceptable levels
Correct answer: C
Explanation
The primary aim of a root cause analysis is to identify and address the underlying issues that led to an incident, thereby minimizing the chances of future incidents. While satisfying management expectations and meeting SLAs are important, they do not directly contribute to reducing the recurrence of incidents. Ensuring risk is at acceptable levels is a broader goal that may result from effective root cause analysis.