CISA Certified Information Systems Auditor – Question0505

The MOST important reason why an IT risk assessment should be updated on a regular basis is to:

A.
utilize IT resources in a cost-effective manner
B. comply with data classification changes
C. comply with risk management policies
D. react to changes in the IT environment

Correct Answer: D