Certified in Risk and Information Systems Control (CRISC) — Question 909

Which of the following BEST supports the effective adoption of risk management across the enterprise?

Answer options

• A. Basing risk action plans on end user assessments of risk
• B. Assignment of risk-related responsibilities to end users
• C. Participation by functions responsible for the risk
• D. Comparison of risk assessment results with industry peers

Correct answer: C

Explanation

The correct answer, C, emphasizes the importance of involving the functions that are responsible for managing risks, which ensures that risk management is integrated into the enterprise effectively. Options A and B focus on end users, which may not encompass the broader organizational perspective needed for comprehensive risk management. Option D, while useful for benchmarking, does not directly support the internal adoption of risk management practices.