The correct answer isBbecause engaging key stakeholders in the IT risk assessment process primarily improves thequality of analysis. Stakeholders provide business context, operational knowledge, and understanding of risk impacts, dependencies, and priorities. This leads to more accurate and relevant risk assessment results.
The other options are less appropriate:
A. Reducing the time required for risk analysisis not the primary objective.
C. Building a risk aware cultureis a valuable secondary benefit, but not the main reason for engagement in the assessment process.
D. Ensuring proper budget allocation for risk remediationmay result later, but not the primary objective of stakeholder involvement.
Exact Extracts supporting the answer:
“To ensure the overall effectiveness of a risk management program it is essential to have the participation of relevant stakeholders.”
“An interdisciplinary team within the enterprise offers the best perspective on risk management to employees and stakeholders.”
“The BEST approach when developing risk scenarios for an enterprise is to use both the top-down and the bottom-up approach because they have different perspectives.”
“The PRIMARY result of a risk assessment process is input for risk-aware decisions.”
These extracts show that stakeholder engagement is primarily valuable because it improves the completeness, relevance, and quality of risk analysis.
===========
Submit