Isaca IT Risk Fundamentals Exam - Topic 2 Question 28 Discussion

Actual exam question for Isaca's IT Risk Fundamentals exam

Question #: 28
Topic #: 2

[All IT Risk Fundamentals Questions]

Organizations monitor control statuses to provide assurance that:

Acompliance with established standards is achieved.

Brisk events are being fully mitigated.

Creturn on investment (ROI) objectives are met.

Show Suggested Answer

Suggested Answer: A

Purpose of Monitoring Control Statuses:

Organizations monitor control statuses to ensure that the controls in place are functioning correctly and achieving their intended outcomes.

Providing Assurance:

Monitoring control statuses provides assurance that the organization is compliant with established standards, regulations, and internal policies.

Compliance is a critical aspect of governance and risk management, ensuring that the organization operates within legal and regulatory frameworks.

Comparison of Options:

B ensuring risk events are fully mitigated is an important aspect but is secondary to the overarching goal of compliance.

C meeting ROI objectives is related to financial performance but does not directly relate to the primary purpose of control monitoring, which is compliance.

Conclusion:

Thus, the primary reason for monitoring control statuses is to provide assurance that compliance with established standards is achieved.

by Emogene at May 11, 2026, 10:06 AM

Limited Time Offer

25%

Off

Get Premium IT Risk Fundamentals Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Tony

16 days ago

I think monitoring control statuses is mainly about ensuring compliance with standards, but I'm not entirely sure if that's the only focus.

upvoted 0 times

...