CRISC Question #204: Real Exam Question with Answer & Explanation

The correct answer is A: Risk register. Reviewing an organization's risk register provides the best insight into its overall risk profile by detailing identified risks and their mitigation statuses.

Submitted by kevin_r· Apr 18, 2026IT Risk Assessment

Question

Reviewing which of the following BEST helps an organization gam insight into its overall risk profile''

Options

ARisk register
BRisk appetite
CThreat landscape
DRisk metrics

Explanation

Reviewing an organization's risk register provides the best insight into its overall risk profile by detailing identified risks and their mitigation statuses.

Common mistakes.

B. Risk appetite defines the level of risk an organization is willing to accept, but it does not detail the actual identified risks or their current status within the organization.
C. The threat landscape describes potential external and internal threats, but it does not encompass an organization's specific vulnerabilities, existing controls, or its overall, unique risk posture.
D. Risk metrics provide specific quantitative measurements of risk performance or control effectiveness, but they offer only segmented data points rather than the holistic overview provided by a detailed risk register.

Concept tested. Risk register for overall risk insight

Reference. https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/reference/azure-risk-register

Topics

#Risk register#Overall risk profile#Risk assessment

Community Discussion

No community discussion yet for this question.

Full CRISC Practice Browse All CRISC Questions