Suggested Answer:D🗳️
Threats and vulnerabilities change over time and KRI maintenance ensures that KRIs continue to effectively capture these changes. The risk environment is highly dynamic as the enterprise's internal and external environments are constantly changing. Therefore, the set of KRIs needs to be changed over time, so that they can capture the changes in threat and vulnerability. Incorrect Answers: A: Risk avoidance is one possible risk response. Risk responses are based on KRI reporting, but is not the reason for maintenance of KRIs. B: While most key risk indicator (KRI) metrics need to be optimized in respect to their sensitivity, the most important objective of KRI maintenance is to ensure that KRIs continue to effectively capture the changes in threats and vulnerabilities over time. Hence the most important reason is that because of change of threat and vulnerability overtime. C: Risk reporting timeliness is a business requirement, but is not a reason for KRI maintenance.
D. Threats and vulnerabilities change over time
Maintaining key risk indicators (KRIs) is important primarily because threats and vulnerabilities change over time. KRIs are designed to help organizations monitor and assess the evolving risks they face. By tracking these indicators, an organization can better adapt to changing circumstances and take appropriate actions to mitigate risks or seize opportunities. While all the other options (A, B, and C) are relevant considerations in risk management, the most critical reason for maintaining KRIs is to stay current and responsive to the changing risk landscape.
D. Threats and vulnerabilities change over time.
While all the options listed are important considerations for maintaining KRIs, the primary purpose of KRIs is to monitor and assess risks in an organization. Threats and vulnerabilities in the business environment are dynamic and constantly evolving. Therefore, it is crucial to regularly update and maintain KRIs to ensure they accurately reflect the changing risk landscape. By doing so, organizations can proactively identify and address emerging risks, making option D the most important reason.
Noticed during review of questions people were saying current exams seem to be more likely to have questions starting at 400 and higher, for what it is worth.
The Question is on maintaining and updating the KRIs and not about the process of assessing the KRIs periodically nor reporting on them.
upvoted 4 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Chemngoremmercy
Highly Voted 1 year, 1 month agosai_murthy
Most Recent 1 month, 2 weeks agoSuperMax
1 month, 3 weeks agoTitus12
5 months, 1 week agoNy_jen1
1 year agoCbtL
1 year, 7 months agoldl
1 year, 8 months agoAquanautix
3 years agomfaraj
3 years, 8 months agoBahaa_A_H
3 years, 1 month ago