IsacaIsaca
CRISC · Question #145
CRISC Question #145: Real Exam Question with Answer & Explanation
Sign in or unlock CRISC to reveal the answer and full explanation for question #145. The question stem and answer options stay visible for context.
Submitted by eva_at· Apr 18, 2026Governance
Question
A highly regulated enterprise is developing a new risk management plan to specifically address legal and regulatory risk scenarios What should be done FIRST by IT governance to support this effort?
Options
- ARequest a regulatory risk reporting methodology
- BRequire critical success factors (CSFs) for IT risks.
- CEstablish IT-specific compliance objectives
- DCommunicate IT key risk indicators (KRIs) and triggers
Unlock CRISC to see the answer
You've previewed enough free CRISC questions. Unlock CRISC for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#IT governance#Compliance objectives#Regulatory risk#Risk management plan