
CRISC · Question #196

CRISC Question #196: Real Exam Question with Answer & Explanation

The correct answer is B: Conducting periodic risk assessments. Conducting periodic risk assessments is the most effective activity to facilitate risk management throughout an organization, as it systematically identifies, analyzes, and evaluates risks.

Submitted by obi.ng · Apr 18, 2026 · IT Risk Assessment

Question

Which of the following activities BEST facilitates effective risk management throughout the organization?

Options

  • A. Reviewing risk-related process documentation
  • B. Conducting periodic risk assessments
  • C. Performing a business impact analysis (BIA)
  • D. Performing frequent audits

Explanation

Conducting periodic risk assessments is the most effective activity to facilitate risk management throughout an organization, as it systematically identifies, analyzes, and evaluates risks.

Common mistakes.

  • A. Reviewing documentation is a preparatory step but does not actively identify, analyze, or manage risks across the organization.
  • C. Performing a Business Impact Analysis (BIA) is a critical input for specific risk management aspects like business continuity, but it is only one component of a broader risk management program.
  • D. Performing frequent audits assesses compliance and control effectiveness retrospectively, serving as a monitoring activity rather than the primary proactive activity that best facilitates overall risk management.

Concept tested. Core risk management activities

Topics

#Risk Assessment #Effective Risk Management #Risk Identification #Risk Analysis
