Isaca Exam CRISC Topic 4 Question 28 Discussion

Actual exam question for Isaca's Certified in Risk and Information Systems Control exam

Question #: 28
Topic #: 4

Which of the following should be of GREATEST concern to a risk practitioner when determining the effectiveness of IT controls?

AConfiguration updates do not follow formal change control.

BOperational staff perform control self-assessments.

CControls are selected without a formal cost-benefit

Danalysis-Management reviews security policies once every two years.

Show Suggested Answer

Suggested Answer: A

by Kattie at May 07, 2022, 12:59 AM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!