Which of the following should be accountable for ensuring that media containing financial information are adequately destroyed per an organization's data disposal policy?
Correct Answer: C
The data owner should be accountable for ensuring that media containing financial information are adequately destroyed per an organization's data disposal policy, as they have the authority and responsibility to define the classification, retention, and disposal requirements for the data they own. The compliance manager, the data architect, and the chief information officer (CIO) are not the best choices, as they have different roles and responsibilities related to data governance, design, and strategy, respectively, but they do not own the data. References = CRISC Review Manual, 7th Edition, page 154.
CRISC Exam Question 522
Which of the following is the BEST indication that key risk indicators (KRIs) should be revised?
Correct Answer: A
Risk threshold exceptions are instances in which a KRI exceeds or falls below a predefined level that triggers an action or a warning. An increase in the number of risk threshold exceptions indicates that the KRIs are no longer reflecting the current risk exposure or environment accurately or effectively: the indicators may be outdated, irrelevant, or poorly defined, or their thresholds may be set at the wrong level. Therefore, the KRIs should be revised to ensure that they remain aligned with the organizational objectives, risk appetite, and risk management strategy. References = Key Risk Indicators: A Practical Guide (SafetyCulture); Key Risk Indicators: Examples & Definitions (SolveXia); Choosing and Using Key Risk Indicators (Institute of Risk Management).
CRISC Exam Question 523
Which of the following BEST provides an early warning that network access of terminated employees is not being revoked in accordance with the service level agreement (SLA)?
Correct Answer: B
According to the CRISC Review Manual (Digital Version), monitoring key access control performance indicators is the best way to provide an early warning that network access of terminated employees is not being revoked in accordance with the service level agreement (SLA). Such indicators (for example, the elapsed time between an employee's termination date in the HR system and the disabling of their network accounts, or the number of terminated users whose accounts are still enabled) measure the effectiveness and efficiency of the access control process and its alignment with the SLA objectives and requirements. The SLA is a contract that defines the expectations and responsibilities of the service provider and the service recipient in terms of the quality, availability, and scope of the service. Monitoring key access control performance indicators helps to:
* Evaluate the extent to which the access control process has met the SLA targets and standards
* Identify and report any deviations, errors, or breaches in the access control process and its compliance with the SLA
* Recommend and implement corrective actions or improvement measures to address the issues or findings in the access control process
* Communicate and coordinate the monitoring results and recommendations with the relevant stakeholders, such as the service provider, the service recipient, and senior management
References = CRISC Review Manual (Digital Version), Chapter 4: IT Risk Monitoring and Reporting, Section 4.1: IT Risk Monitoring, pp. 217-218
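As an added example (not from the CRISC Review Manual or the original page), the following Python computes one such performance indicator, time-to-revoke, by joining a constructed HR termination feed with a constructed directory audit log. The 24-hour SLA, the employee IDs, the event names and the evaluation time are all assumptions; an account that is still enabled after the SLA window has elapsed counts as an open-ended breach.

```python
"""Time-to-revoke KPI for terminated employees (constructed sample data)."""
from datetime import datetime, timezone

# Constructed HR termination feed: employee id -> termination timestamp (UTC).
HR_TERMINATIONS = {
    "e1001": datetime(2024, 3, 1, 17, 0, tzinfo=timezone.utc),
    "e1002": datetime(2024, 3, 2, 9, 30, tzinfo=timezone.utc),
    "e1003": datetime(2024, 3, 3, 12, 0, tzinfo=timezone.utc),
    "e1004": datetime(2024, 3, 5, 10, 0, tzinfo=timezone.utc),
}

# Constructed directory audit events: (employee id, event name, timestamp UTC).
DIRECTORY_EVENTS = [
    ("e1001", "account_disabled", datetime(2024, 3, 1, 19, 15, tzinfo=timezone.utc)),
    ("e1002", "account_disabled", datetime(2024, 3, 4, 11, 0, tzinfo=timezone.utc)),
    ("e1003", "password_reset", datetime(2024, 3, 3, 13, 0, tzinfo=timezone.utc)),
    # e1004 has no disable event yet; termination is still inside the SLA window.
]

SLA_HOURS = 24                                            # hypothetical SLA
NOW = datetime(2024, 3, 6, 0, 0, tzinfo=timezone.utc)     # hypothetical evaluation time


def hours_to_revoke(terminations, events):
    """Map each terminated employee to the hours between termination and the
    first account_disabled event, or None if no such event has been seen."""
    disabled_at = {}
    for emp, kind, ts in events:
        if kind == "account_disabled" and (emp not in disabled_at or ts < disabled_at[emp]):
            disabled_at[emp] = ts
    result = {}
    for emp, term in terminations.items():
        ts = disabled_at.get(emp)
        result[emp] = None if ts is None else (ts - term).total_seconds() / 3600
    return result


def sla_exceptions(terminations, events, sla_hours, now):
    """Employees whose revocation breached the SLA, as (employee, hours).
    hours is None for an account that is still enabled past the SLA window."""
    exceptions = []
    for emp, hours in hours_to_revoke(terminations, events).items():
        if hours is None:
            elapsed = (now - terminations[emp]).total_seconds() / 3600
            if elapsed > sla_hours:
                exceptions.append((emp, None))
        elif hours > sla_hours:
            exceptions.append((emp, round(hours, 2)))
    return exceptions


def kpi_summary(terminations, events, sla_hours, now):
    """The indicator as it would be reported against the SLA."""
    exc = sla_exceptions(terminations, events, sla_hours, now)
    total = len(terminations)
    return {
        "terminations": total,
        "sla_breaches": len(exc),
        "within_sla_pct": round(100.0 * (total - len(exc)) / total, 1),
        "breached": [emp for emp, _ in exc],
    }


if __name__ == "__main__":
    print(kpi_summary(HR_TERMINATIONS, DIRECTORY_EVENTS, SLA_HOURS, NOW))
```

The join key is the HR employee identifier, so the directory events must carry it (or a reliable mapping from account name to employee id); a trend of rising breaches, or any open-ended breach, is the early warning the question asks for.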
CRISC Exam Question 524
An organization is analyzing the risk of shadow IT usage. Which of the following is the MOST important input into the assessment?
Correct Answer: C
The most important input into the assessment of the risk of shadow IT usage is the classification of the data that is being processed, stored, or transmitted by the unauthorized applications or devices. This determines the level of confidentiality, integrity, and availability that is required for the data and the potential impact of a breach or loss. Business benefits of shadow IT, application-related expenses, and volume of data are less important inputs that may affect the risk analysis, but not as much as the data classification. References = Risk IT Framework, 2nd Edition, page 28; CRISC Review Manual, 6th Edition, page 98.
CRISC Exam Question 525
A risk practitioner has been asked to advise management on developing a log collection and correlation strategy. Which of the following should be the MOST important consideration when developing this strategy?
Correct Answer: A
Ensuring time synchronization of log sources is the most important consideration when developing a log collection and correlation strategy, because correlation depends on placing events from different systems on a single, trustworthy timeline. Without a common time base (all sources synchronized to the same reference clock and logging in UTC or with an explicit offset), the same attack can appear in the wrong order across the firewall, VPN and server logs, and the sequence and causality of events cannot be established, which undermines detection, incident response, forensic investigation and any legal action that relies on the logs. Time synchronization also supports compliance and audit of the log data. References = Most Asked CRISC Exam Questions and Answers, Question 10; CRISC: Certified in Risk & Information Systems Control Sample Questions, Question 248; ISACA Certified in Risk and Information Systems Control (CRISC) Certification Exam Question and Answers, Question 248; CRISC by Isaca Actual Free Exam Q&As, Question 9.
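As an added example (not from the original page or any cited source), the following Python shows what the strategy has to solve: three constructed log sources write timestamps in different conventions (explicit UTC offset, naive local time, and UTC from a clock that runs fast), and the same events sort into a misleading order unless each source's zone and measured skew are corrected before correlation. The source names, log formats, the UTC+2 zone, the 90-second skew and the tolerance are all assumptions; the last function is the ongoing check a collector would run to detect a source whose clock has drifted.

```python
"""Normalizing log timestamps from unsynchronized sources before correlation.

Constructed sample data, not from any real system. Three log sources:
  fw  - firewall, ISO 8601 with explicit +00:00 offset
  vpn - VPN gateway, naive local time, known to be UTC+2
  app - application server, UTC ("Z") but its clock runs 90 s fast
"""
import re
from datetime import datetime, timedelta, timezone

LOG_LINES = [  # (source, raw line), constructed
    ("fw",  "2024-03-01T10:00:05+00:00 DENY src=203.0.113.7 dst=10.0.0.5 dport=22"),
    ("fw",  "2024-03-01T10:00:20+00:00 ALLOW src=203.0.113.7 dst=10.0.0.5 dport=443"),
    ("app", "2024-03-01T10:02:05Z sudo: alice : COMMAND=/bin/bash"),
    ("vpn", "2024-03-01 12:00:12 user=alice event=login src=203.0.113.7"),
]

# Per-source knowledge the collector must carry (hypothetical values).
SOURCE_TZ = {"vpn": timezone(timedelta(hours=2))}   # zone for naive timestamps
CLOCK_SKEW = {"app": timedelta(seconds=90)}          # source clock minus true time
SKEW_TOLERANCE = timedelta(seconds=5)

TS_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2}[T ]\d{2}:\d{2}:\d{2}(?:Z|[+-]\d{2}:\d{2})?)\s+(.*)$"
)


def parse(line):
    """Split a line into (datetime exactly as written, message)."""
    m = TS_RE.match(line)
    if not m:
        raise ValueError("no leading timestamp: %r" % line)
    raw, message = m.groups()
    # 'Z' is only accepted by fromisoformat on Python 3.11+, so spell it out.
    return datetime.fromisoformat(raw.replace("Z", "+00:00")), message


def normalize(source, line):
    """Return (UTC datetime, source, message) with zone and skew corrected."""
    ts, message = parse(line)
    if ts.tzinfo is None:                       # naive: apply the source's zone
        ts = ts.replace(tzinfo=SOURCE_TZ.get(source, timezone.utc))
    ts = ts.astimezone(timezone.utc) - CLOCK_SKEW.get(source, timedelta(0))
    return ts, source, message


def timeline(lines):
    """Events in true chronological order, as (iso_utc, source, message)."""
    events = sorted(normalize(s, l) for s, l in lines)
    return [(ts.isoformat(), s, m) for ts, s, m in events]


def naive_timeline(lines):
    """Ordering by the wall-clock digits alone, which is what an analyst gets
    when zones and skew are ignored; compare with timeline()."""
    events = []
    for s, l in lines:
        ts, m = parse(l)
        events.append((ts.replace(tzinfo=None), s, m))
    return [(ts.isoformat(), s, m) for ts, s, m in sorted(events)]


def skew_alerts(observations, tolerance=SKEW_TOLERANCE):
    """Flag sources whose self-reported time drifts from the collector's clock.
    observations: (source, timestamp as written by the source, time the
    collector received it), both tz-aware UTC. Returns (source, drift seconds)."""
    alerts = []
    for source, reported, received in observations:
        drift = reported - received
        if abs(drift) > tolerance:
            alerts.append((source, int(drift.total_seconds())))
    return alerts


RECEIVED = [  # constructed (source, reported_ts, collector_received_ts)
    ("fw",  datetime(2024, 3, 1, 10, 0, 5, tzinfo=timezone.utc),
            datetime(2024, 3, 1, 10, 0, 6, tzinfo=timezone.utc)),
    ("app", datetime(2024, 3, 1, 10, 2, 5, tzinfo=timezone.utc),
            datetime(2024, 3, 1, 10, 0, 36, tzinfo=timezone.utc)),
]

if __name__ == "__main__":
    for row in naive_timeline(LOG_LINES):
        print("naive     ", *row)
    for row in timeline(LOG_LINES):
        print("normalized", *row)
    print("skew alerts:", skew_alerts(RECEIVED))
```

Taken at face value the VPN login sorts last, after the sudo on the application server; once zones and skew are applied the order becomes deny, login, allow, sudo, which is the sequence an investigator needs. Per-source skew tables are a stopgap: the strategy should require NTP synchronization to a common reference and UTC (or explicit-offset) timestamps at every source, with the drift check above feeding an alert when a source falls out of tolerance.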