New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca CRISC Exam - Topic 4 Question 28 Discussion

Actual exam question for Isaca's CRISC exam
Question #: 28
Topic #: 4
[All CRISC Questions]

Which of the following should be of GREATEST concern to a risk practitioner when determining the effectiveness of IT controls?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Kattie at May 07, 2022, 12:59 AM

Limited Time Offer

25%

Off

Get Premium CRISC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Michael
4 months ago
Totally agree, A should be top priority!
upvoted 0 times
...
Catarina
4 months ago
B seems fine if done right, but A is crucial.
upvoted 0 times
...
Rutha
4 months ago
Surprised that D is even an option! Once every two years?
upvoted 0 times
...
Alyssa
4 months ago
I think C is more concerning, honestly.
upvoted 0 times
...
Lawana
5 months ago
A is definitely a big red flag!
upvoted 0 times
...
Sheridan
5 months ago
Management reviewing policies every two years seems a bit infrequent. I wonder if option D could lead to outdated security measures?
upvoted 0 times
...
Annamaria
5 months ago
I feel like the cost-benefit analysis is really important for selecting controls, so option C might be the most concerning.
upvoted 0 times
...
Frank
5 months ago
I'm not entirely sure, but I think self-assessments by operational staff could lead to biased results. Maybe option B is a red flag?
upvoted 0 times
...
Carol
5 months ago
I remember studying that change control is crucial for maintaining IT security, so option A seems like a big concern.
upvoted 0 times
...
Lisbeth
5 months ago
This looks like a tricky one. I'll need to carefully read through the scenario and think about the best approach to ensure the managers receive the access reviews for their respective departments.
upvoted 0 times
...
Abraham
5 months ago
Okay, I've got a strategy here. I know stakeholder engagement is crucial throughout the project, so I'll eliminate any options that don't mention that. Then I'll look for the one that best describes the proper timing and approach.
upvoted 0 times
...
Arleen
5 months ago
Awk is a text processing tool, so I'm pretty confident it's not a calculator or an operating system. I'm leaning towards option B, but I'll double-check the description just to be sure.
upvoted 0 times
...
Cassi
5 months ago
Okay, I think I've got it. The key is to use a combination of design patterns and principles to create a more robust and flexible architecture for Service A. The Service Abstraction, Service Facade, and Contract Centralization patterns all seem like they could be effective here.
upvoted 0 times
...

Save Cancel