CRISC Certified in Risk and Information Systems Control – Question500

Which of the following is the BEST way to validate whether controls have been implemented according to the risk mitigation action plan?

A.
Implement key risk indicators (KRIs)
B. Test the control design
C. Test the control environment
D. Implement key performance indicators (KPIs)

Correct Answer: A