CRISC Certified in Risk and Information Systems Control – Question713

Whose risk tolerance matters MOST when making a risk decision?

A.
Customers who would be affected by a breach
B. The information security manager
C. The business process owner of the exposed assets
D. Auditors, regulators, and standards organizations

Correct Answer: D