D. risk exposure in business terms
Senior management is typically interested in strategic, high-level views of risk. By presenting risk exposure in business terms, you allow senior management to understand the potential business impacts of various risks, which aids in their decision-making. It's important that risks are communicated in a way that non-technical executives can understand and act upon.
Raj1510 is not usually wrong :-). Senior management is an executive profile, everything that has to do with 'detailed', 'technical', etc. it is incompatible with the type of information of interest that they seek to obtain.
For those who don't know, there is a 'trick' in many ISACA answers, pay special attention to those that mention 'business', 'business objectives', etc.
When preparing a risk status report for periodic review by senior management, it is most important to ensure the report includes risk exposure in business terms. This means translating risk assessments and data into language that senior management can easily understand and relate to the organization's strategic objectives. Providing a clear view of how risks can impact the business financially and operationally is essential for senior management to make informed decisions and prioritize risk management efforts.
While recommendations by an independent risk assessor, summaries of incidents, and a detailed view of individual risk exposures can be valuable components of a risk report, presenting risk exposure in business terms ensures that senior management can directly link the risks to the potential impact on the organization's bottom line and overall business goals. This makes it easier for them to make decisions and allocate resources effectively.
C: looks correct
Most commonly, these information types are included in a risk report:
overall project risk sources
overall project risk status (e.g. high, medium, low)
number of identified risks, labeled as threats or opportunities
distribution of risks across risk categories
risk trends across risk categories
identified risks that have occurred and what action taken
changes in how risks are assessed for the probability of occurrence
financial impact of occurred risks
timeline impact of occurred risks
predicted level of overall project risk for next risk report milestone
Additionally, the inputs from risk analysis efforts will shape risk report content as will changes in the risk watch list.
CRISC Manual, 6th Edition, pg. 101 states that all risk should be noted in the report in order to provide an accurate picture of risk to senior management. Based on this, I will go with C.
Answer is D. Senior Management is interested in the business, so you need to present information in terms of how it impacts the business and business goals.
Answer C is incorrect. Senior Management usually doesn't care to go into the details.
Senior Management only understand their language...The answer is D.
upvoted 3 times
...
This section is not available anymore. Please use the main Exam Page.CRISC Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
travdaman
Highly Voted 3 years, 9 months agoneji
3 years, 7 months agoPunkMom
3 years, 8 months ago01010100
Most Recent 11 months, 3 weeks agomraiyan
1 year, 1 month agojohn_boogieman
1 year, 5 months agoSuperMax
9 months agoCeecil1959
2 years, 3 months agoRaj1510
2 years, 6 months agoForee
2 years, 8 months agoAnon530
3 years, 3 months agoIcs2Pass
3 years, 4 months ago