CRISC Certified in Risk and Information Systems Control – Question426

Which of the following would require updates to an organization’s IT risk register?

A.
Discovery of an ineffectively designed key IT control
B. Management review of key risk indicators (KRIs)
C. Changes to the team responsible for maintaining the register
D. Completion of the latest internal audit

Correct Answer: A