What should a risk practitioner do NEXT if an ineffective key control is identified on a critical system? A. Revalidate the risk assessment. B. Escalate to senior management. C. Propose acceptance of the risk. D. Conduct a gap analysis. Suggested Answer: D This question is in CRISC exam For getting Risk and Information Systems Control Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by ISACA. The website does not contain actual questions and answers from ISACA's Certification Exams. Trademarks, certification & product names are used for reference only and belong to ISACA.
Please login or Register to submit your answer