Which of the following is the MAIN reason to continuously monitor IT-related risk?
A. To ensure risk levels are within acceptable limits of the organization’s risk appetite and risk tolerance
B. To redefine the risk appetite and risk tolerance levels based on changes in risk factors
C. To help identify root causes of incidents and recommend suitable long-term solutions
D. To update the risk register to reflect changes in levels of identified and new IT-related risk
A. To ensure risk levels are within acceptable limits of the organization’s risk appetite and risk tolerance
B. To redefine the risk appetite and risk tolerance levels based on changes in risk factors
C. To help identify root causes of incidents and recommend suitable long-term solutions
D. To update the risk register to reflect changes in levels of identified and new IT-related risk