CRISC Certified in Risk and Information Systems Control – Question296
Which of the following is the best reason for performing risk assessment? A. To determine the present state of risk B. To analyze the effect on the business C. To satisfy regulatory requirements D. To budget appropriately for the application of various controls
Correct Answer: A
Explanation:
Explanation:
Risk assessment is a process of analyzing the identified risk, both quantitatively and qualitatively. Quantitative risk assessment requires calculations of two components of risk, the magnitude of the potential loss, and the probability that the loss will occur. While qualitatively risk assessment checks the severity of risk. Hence risk assessment helps in determining the present state of the risk.
Incorrect Answers:
B: Analyzing the effect of risk on an enterprise is the part of the process while performing risk assessment, but is not the reason for doing it.
C: Performing risk assessment may satisfy the regulatory requirements, but is not the reason to perform risk assessment.
D: Budgeting appropriately is one the results of risk assessment but is not the reason for performing the risk assessment.
Please disable your adblocker or whitelist this site!