A. Changes in senior management.
The risk profile of an organization represents a summarized view of its risks, taking into account the probability of occurrence, potential impacts, and the effectiveness of controls in place. Changes in the leadership or direction of the organization, such as changes in senior management, can directly influence its risk tolerance, strategic direction, and priorities, which would likely lead to updates in its IT risk profile.
Establishment of a risk committee (Option B) can provide more structured governance around risk management, but the mere establishment of such a committee doesn't necessarily change the risk profile itself.
External audit findings (Option C) can highlight weaknesses or gaps in controls and may lead to changes in risk responses or mitigation strategies, but they might not lead to changes in the overall risk profile unless the findings reveal risks that weren't previously recognized.
Feedback from focus groups (Option D) is typically more about perceptions and preferences of a specific topic and might not have a direct impact on the IT risk profile.
This section is not available anymore. Please use the main Exam Page.CRISC Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
01010100
9 months, 1 week agoCbtL
1 year, 3 months ago