CRISC · Question #224
CRISC Question #224: Real Exam Question with Answer & Explanation
The correct answer is B: Risk practitioner. The risk practitioner is responsible for determining which stakeholders need to be involved in the development of a risk scenario. This role involves leading the risk assessment process and gathering diverse perspectives for comprehensive analysis.
Question
Who should be responsible for determining which stakeholders need to be involved in the development of a risk scenario?
Options
- ARisk owner
- BRisk practitioner
- CCompliance manager
- DControl owner
Explanation
The risk practitioner is responsible for determining which stakeholders need to be involved in the development of a risk scenario. This role involves leading the risk assessment process and gathering diverse perspectives for comprehensive analysis.
Common mistakes.
- A. The risk owner is accountable for managing a specific risk and its controls but typically relies on the practitioner to facilitate the scenario development process.
- C. A compliance manager focuses on regulatory adherence and specific compliance risks, which is a subset of the broader risk scenario development that requires a wider range of input.
- D. A control owner is responsible for the operation and effectiveness of specific controls, not for identifying all stakeholders required for comprehensive risk scenario development.
Concept tested. Roles and responsibilities in risk assessment
Reference. https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf
Topics
Community Discussion
No community discussion yet for this question.