Certified in Risk and Information Systems Control (CRISC) — Question 925
After entering a large number of low-risk scenarios into the risk register, it is MOST important for the risk practitioner to:
Answer options
- A. reconfirm risk tolerance levels.
- B. analyze changes to aggregate risk.
- C. prepare a follow-up risk assessment.
- D. recommend acceptance of the risk scenarios.
Correct answer: B
Explanation
Analyzing changes to aggregate risk is crucial after entering low-risk scenarios, as it helps understand the overall risk landscape. Reconfirming risk tolerance levels and preparing follow-up assessments are important, but they come after assessing the impact on aggregate risk. Recommending acceptance of the risk scenarios is a passive step that does not actively contribute to understanding the total risk exposure.