CRISC Certified in Risk and Information Systems Control – Question414 - CRISC Certified in Risk and Information Systems Control

A risk practitioner is developing a set of bottom-up IT risk scenarios. The MOST important time to involve business stakeholders is when:

A. identifying risk mitigation controls
B. documenting the risk scenarios
C. validating the risk scenarios
D. updating the risk register

Correct Answer: C