CRISC Certified in Risk and Information Systems Control – Question212
What are the requirements of effectively communicating risk analysis results to the relevant stakeholders? Each correct answer represents a part of the solution. Choose three. A. The results should be reported in terms and formats that are useful to support business decisions B. Communicate only the negative risk impacts of events in order to drive response decisions C. Communicate the risk-return context clearly D. Provide decision makers with an understanding of worst-case and most probable scenarios
Correct Answer: ACD
Explanation:
Explanation:
The result of risk analysis process is being communicated to relevant stakeholders. The steps that are involved in communication are:
The results should be reported in terms and formats that are useful to support business decisions.
Coordinate additional risk analysis activity as required by decision makers, like report rejection and scope adjustment.
Communicate the risk-return context clearly, which include probabilities of loss and/or gain, ranges, and confidence levels (if possible) that enable management to balance risk-return.
Identify the negative impacts of events that drive response decisions as well as positive impacts of events that represent opportunities which should channel back into the strategy and objective setting process.
Provide decision makers with an understanding of worst-case and most probable scenarios, due diligence exposures and significant reputation, legal or regulatory considerations.
Incorrect Answers:
B: Both the negative and positive risk impacts are being communicated to relevant stakeholders. Identify the negative impacts of events that drive response decisions as well as positive impacts of events that represent opportunities which should channel back into the strategy and objective setting process.
Please disable your adblocker or whitelist this site!