CRISC Certified in Risk and Information Systems Control – Question434

Which of the following is MOST important to understand when determining an appropriate risk assessment approach?

A.
Threats and vulnerabilities
B. Value of information assets
C. Complexity of the IT infrastructure
D. Management culture

Correct Answer: B