Gain a deeper understanding of inherent risk with real-world examples. Essential reading for those preparing for the CISA Certification Exam.
Table of Contents
Question
Which of the following is an example of inherent risk?
A. Quality assurance (QA) processes may not effectively reduce errors.
B. An approval process may not detect significant errors.
C. The organization may not comply with regulations.
D. Projects may still be delayed despite management controls.
Answer
C. The organization may not comply with regulations.
Explanation
Inherent risk refers to the risk that exists in the environment around a business function or process before any measures are put in place to counter it. It’s the natural level of risk inherent in a process or activity without doing anything to mitigate it.
Option C: “The organization may not comply with regulations” is an example of inherent risk. This is because non-compliance is a risk that exists without considering the controls that the organization has put in place to ensure compliance with regulations. The other options (A, B, and D) are examples of control risks, which arise from the potential ineffectiveness of control measures.
ISACA CISA certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the ISACA CISA exam and earn ISACA CISA certification.