CRISC Certified in Risk and Information Systems Control – Question369
Which of the following is the way to verify control effectiveness? A. The capability of providing notification of failure. B. Whether it is preventive or detective. C. Its reliability. D. The test results of intended objectives.
Correct Answer: D
Explanation:
Explanation:
Control effectiveness requires a process to verify that the control process worked as intended and meets the intended control objectives. Hence the test result of intended objective helps in verifying effectiveness of control.
Incorrect Answers:
A: Notification of failure does not determine control strength, hence this option is not correct.
B: The type of control, like preventive or detective, does not help determine control effectiveness.
C: Reliability is not an indication of control strength; weak controls can be highly reliable, even if they do not meet the control objective.
Please disable your adblocker or whitelist this site!