Isaca Certified in Risk and Information Systems Control CRISC Question # 217 Topic 22 Discussion
CRISC Exam Topic 22 Question 217 Discussion:
Question #: 217
Topic #: 22
Which of the following is the MOST important objective of embedding risk management practices into the initiation phase of the project management life cycle?
A.
To deliver projects on time and on budget
B.
To assess inherent risk
C.
To include project risk in the enterprise-wide IT risk profit.
The most important objective of embedding risk management practices into the initiation phase of the project management life cycle is to assess inherent risk. Inherent risk is the risk that exists before any controls or mitigations are applied. By assessing inherent risk in the initiation phase, the project team can identify the potential sources, causes, and impacts of risk that may affect the project objectives, scope, and deliverables. Assessing inherent risk in the initiation phase also helps to prioritize the risks, determine the risk appetite and tolerance, and plan the risk responses. Delivering projects on time and on budget, including project risk in the enterprise-wide IT risk profile, and assessing risk throughout the project are important objectives of risk management,but they are not the most important objective of embedding risk management practices into the initiation phase. References = Risk and Information Systems Control Study Manual, 7th Edition, Chapter 2, Section 2.1.1.1, page 511
1: ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide, Answer to Question 658.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit