the answer is D the key word is " aggregated "
Aggregation of IT risk means gathering risk data from multiple sources and standardizing it to provide a holistic view. The primary objective of this process is to ensure that risk data is consistent, comparable, and useful for decision-making.
B. To allow for a proper review of risk tolerance.
Providing an aggregated view of IT risk helps business management assess whether the organization's risk tolerance aligns with its overall business objectives. It allows them to understand the level of risk the organization is exposed to and make informed decisions about risk management strategies and priorities. While other objectives listed, such as consistent terminology, identifying dependencies, and obtaining consistent data on risk, are important, they are typically secondary to the primary goal of assessing and aligning risk tolerance.
D. To enable consistent data on risk to be obtained.
The primary objective of providing an aggregated view of IT risk to business management is to enable consistent data on risk to be obtained. This aggregated view helps in consolidating and presenting IT-related risks in a manner that allows for a comprehensive understanding of the overall risk landscape within the organization.
What is throwing me off on B is that it talks of "risk tolerance". Maybe overthinking it. So for me, D seems the better answer that the aggregated view presents risk across IT in a consistent manner.
B. To allow for proper review of risk tolerance
The primary objective of providing an aggregated view of IT risk to business management is to allow for a proper review of risk tolerance. This comprehensive view helps business management to understand the overall risk exposure, prioritize risk mitigation efforts, and make informed decisions based on the organization's risk appetite. While the other options are relevant aspects of risk management, they are not the primary objective of providing an aggregated view of IT risk to business management.
Agree.An aggregated view of IT risk provides a comprehensive and holistic view of the risks that the organization faces. This view consolidates risk information from different sources and provides a high-level summary of the organization's overall risk posture. By providing this aggregated view, business management can obtain consistent data on risk, which is critical for making informed decisions around risk management.
This section is not available anymore. Please use the main Exam Page.CRISC Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
faed87a
2 months, 1 week agoeblue
8 months, 2 weeks agoStaanlee
8 months, 3 weeks agoCbtL
1 year, 1 month agoBroesweelies
1 year, 2 months agojohn_boogieman
1 year, 3 months agofora
2 years ago