CRISC Certified in Risk and Information Systems Control – Question809

Which of the following would MOST likely require a risk practitioner to update the risk register?

A.
An alert being reported by the security operations center.
B. Development of a project schedule for implementing a risk response.
C. Engagement of a third party to conduct a vulnerability scan.
D. Completion of a project for implementing a new control.

Correct Answer: D