Isaca Certification CRISC Reddit Questions

Updating the BCP to align with real-time recovery requirements ensures the organization’s resilience to disruptions while meeting regulatory standards. This action reflects Business Continuity and Disaster Recovery Planning best practices.

Biometric systems are preventive controls designed to restrict access to authorized personnel only. This aligns with Access Control and Authentication Standards in risk management frameworks.

Automated asset management software provides a continuous and efficient way to track assets throughout their lifecycle. It reduces the likelihood of human error, ensures up-to-date records, and can often integrate with other systems to provide comprehensive oversight of an organization’s assets.

According to the three lines of defense model, the responsibility for managing risk and controls resides with the operational management, which forms the first line of defense. The operational management is the function that owns and manages risk as part of their accountability for achieving objectives. They are responsible for identifying, assessing, mitigating, and reporting on risks and controls within their areas of operation. They are also responsible for implementing and maintaining effective internal controls and ensuring compliance with policies, standards, and regulations.

References:

•ISACA, Risk IT Framework, 2nd Edition, 2019, p. 741

•Internal audit: three lines of defence model explained2