Isaca Exam CRISC Topic 3 Question 97 Discussion

Actual exam question for Isaca's CRISC exam

Question #: 97
Topic #: 3

A risk assessment has revealed that the probability of a successful cybersecurity attack is increasing. The potential loss could exceed the organization's risk appetite. Which of the following ould be the MOST effective course of action?

ARe-evaluate the organization's risk appetite.

BOutsource the cybersecurity function.

CPurchase cybersecurity insurance.

DReview cybersecurity incident response procedures.

Show Suggested Answer

Suggested Answer: D

Cybersecurity incident response procedures are the plans and actions that an organization takes to respond to and recover from a cybersecurity attack. They include identifying the source and scope of the attack, containing and eradicating the threat, restoring normal operations, and analyzing the root cause and lessons learned. Reviewing cybersecurity incident response procedures is the most effective course of action when the probability of a successful cybersecurity attack is increasing and the potential loss could exceed the organization's risk appetite, as it helps to prepare the organization for minimizing the impact and duration of the attack, as well as improving the resilience and security posture of the organization.

by Lavera at Apr 05, 2025, 03:02 PM

Limited Time Offer

25%

Off

Get Premium CRISC Questions as Interactive Web-Based Practice Test or PDF