IsacaIsaca
CISA · Question #207
CISA Question #207: Real Exam Question with Answer & Explanation
Sign in or unlock CISA to reveal the answer and full explanation for question #207. The question stem and answer options stay visible for context.
Submitted by rania.sa· Apr 18, 2026Governance and Management of IT
Question
When reviewing an organization's finalized risk assessment process, what would be the MAIN reason for an IS auditor to compare acceptable risk level with residual risk?
Options
- ATo advise management on risk appetite levels
- BTo identify new risks the organization may have to address
- CTo recommend control enhancements for further risk reduction
- DTo identify omissions made in the completed risk assessment
Unlock CISA to see the answer
You've previewed enough free CISA questions. Unlock CISA for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#Risk Management#Residual Risk#Acceptable Risk#IS Audit Review