Isaca Certified in Risk and Information Systems Control CRISC Question # 517 Topic 52 Discussion
CRISC Exam Topic 52 Question 517 Discussion:
Question #: 517
Topic #: 52
An organization is planning to acquire a new financial system. Which of the following stakeholders would provide the MOST relevant information for analyzing the risk associated with the new IT solution?
The process owner is the stakeholder who is responsible for the business process that will be supported by the new IT solution. The process owner has the best knowledge of the businessrequirements, objectives, and risks associated with the process. The process owner can provide the most relevant information for analyzing the risk associated with the new IT solution, such as the expected benefits, costs, performance, functionality, security, and compliance of the solution. The process owner can also help to identify and evaluate the potential impact and likelihood of the risk scenarios related to the new IT solution. The other stakeholders may have some information or insights, but they are not as directly involved or affected by the new IT solution as the process owner. References = Risk and Information Systems Control Study Manual, 7th Edition, Chapter 2, Section 2.3.1.1, pp. 58-59.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit