Isaca Certified in Risk and Information Systems Control CRISC Question # 308 Topic 31 Discussion
CRISC Exam Topic 31 Question 308 Discussion:
Question #: 308
Topic #: 31
An organization is developing a risk universe to create a holistic view of its overall risk profile. Which of the following is the GREATEST barrier to achieving the initiative's objectives?
A.
Lack of cross-functional risk assessment workshops within the organization
B.
Lack of common understanding of the organization's risk culture
C.
Lack of quantitative methods to aggregate the total risk exposure
D.
Lack of an integrated risk management system to aggregate risk scenarios
Lack of common understanding of the organization’s risk culture is the greatest barrier to achieving the initiative’s objectives, because it hinders the alignment and integration of risk management across the organization. Risk culture is the set of shared values, beliefs, and behaviors that influence how risk is perceived and managed in an organization. A risk universe is a comprehensive and structured representation of all the sources and types of risk that an organization faces. Developing a risk universe requires a common understanding of the organization’s risk culture, as it affects the risk appetite, tolerance, and strategy of the organization. Lack of cross-functional risk assessment workshops, lack of quantitative methods to aggregate the total risk exposure, and lack of an integrated risk management system are all challenges that may affect thedevelopment of a risk universe, but they are not the greatest barrier, as they can be overcome with appropriate tools and techniques. References = Risk and Information Systems Control Study Manual, Chapter 2, Section 2.2.1, page 44
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit