CISA Certified Information Systems Auditor – Question0700

When creating a new risk management program, it is CRITICAL to consider:

A.
the risk appetite.
B. compliance measures.
C. risk mitigation techniques.
D. resource utilization.

Correct Answer: B