In the three lines of defense model, which of the following activities would be completed by the FIRST line of defense? A. A risk practitioner executes an annual assessment of key controls that impact financial statements B. Internal control activities are reviewed monthly by a risk management committee C. Control owners review a monthly report on the operation of high-risk controls D. Internal audit reviews high-risk areas to ensure controls are executed in a timely manner  Suggested Answer: B This question is in CRISC exam For getting Risk and Information Systems Control Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by ISACA. The website does not contain actual questions and answers from ISACA's Certification Exams. Trademarks, certification & product names are used for reference only and belong to ISACA.
Please login or Register to submit your answer