Answer: D
Residual risk, encompasses both inherent risk (the risk without considering the effect of controls) and control risk (the risk that remains after controls are implemented). Therefore, communicating residual risk provides stakeholders with a comprehensive understanding of the actual risk exposure that the organization faces, taking into account both inherent risks and the effectiveness of controls.
Residual risk generally always exists. The goal is to reduce residual risk, sometimes this can be eliminated, but often there is always some residual risk left. This leads me to think residual is not the most critical to report compared to other options
A - Control risk.
Because it means that the controls are not working effectively.
Residual riks is the risk accepted and monitored by the business. So there is no big issue with it.
Changing my answer. I still believe Control risk is important.
In this case, i would go with AUDIT as audit risk includes all 3 options ,
Auti Risk=( Control Risk+Residual Risk+Inherent Risk)
residual risk would be the most critical type of risk to communicate to stakeholders as it represents the risk that remains after controls have been implemented
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
analuisamoreira
4 months, 3 weeks agoa84n
6 months, 3 weeks agochoboanon
1 month, 3 weeks agoIjahbee
8 months agoblues_lee
9 months, 3 weeks agocidigi
11 months agocidigi
11 months agohoho
1 year, 4 months ago007Georgeo
1 year, 6 months ago3008
1 year, 6 months agopeelu
1 year, 11 months agoJulianleehk
2 years, 1 month agoDeeplaxmi
2 years, 1 month ago