Isaca Certified in Risk and Information Systems Control CRISC Question # 311 Topic 32 Discussion
CRISC Exam Topic 32 Question 311 Discussion:
Question #: 311
Topic #: 32
A key risk indicator (KRI) that incorporates data from external open-source threat intelligence sources has shown changes in risk trend data. Which of the following is MOST important to update in the risk register?
A key risk indicator (KRI) is a metric that provides information on the level of exposure to a given risk. Changes in risk trend data indicate that the likelihood or probability of a risk occurring has changed. Therefore, the frequency of risk occurrence should be updated in the risk register to reflect the current risk profile. The impact, cost, and legal aspects of risk realization are not directly affected by the changes in risk trend data, unless the nature or severity of the risk has also changed. (Risk and Information Systems Control Review Questions, Answers & Explanations Manual, 5th Edition, page 972
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit