ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CRISC All Questions

View all questions & answers for the CRISC exam
Go to Exam

Exam CRISC topic 1 question 928 discussion

Actual exam question from Isaca's CRISC
Question #: 928
Topic #: 1
[All CRISC Questions]

Which of the following should be the FIRST step when a company is made aware of new regulatory requirements impacting IT?

  • A. Perform a risk assessment.
  • B. Prioritize impact to the business units.
  • C. Perform a gap analysis.
  • D. Review the risk tolerance and appetite.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Stefan07 at May 10, 2021, 8:40 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
CbtL
8 months, 3 weeks ago
Selected Answer: C
Agree with C.
upvoted 1 times
...
john_boogieman
11 months, 2 weeks ago
Selected Answer: C
The first thing the organization has to do is analyze its current situation to identify the existence of a risk gap and the scope of the actions it needs to close that gap. (7th CRISC manual, section 'Gap Analysis'.
upvoted 3 times
...
Suchib
12 months ago
Its A, first understand the impact then do the gap analysis.
upvoted 1 times
...
Raj1510
1 year, 11 months ago
agree with C
upvoted 2 times
...
aselunar
2 years, 7 months ago
This looks correct. See R2-25.
upvoted 2 times
...
Stefan07
2 years, 8 months ago
Answer is A - Risk Assessment
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel