crisc question 1019 discussion

View all Certified in Risk and Information Systems Control here

back to isaca forum

Question 1019 Topic 4

Topic 4
Who should have the authority to approve an exception to a control?

A. Information security manager
B. Risk manager
C. Control owner
D. Risk owner

Answer:

C

User Votes:

A

50%

B 1 votes

50%

C 2 votes

50%

D 2 votes

50%

Discussions

0 / 1000

lostwisdom81

7 months, 3 weeks ago

Risk owner has the authority

0