- All Exams Instant Download
Which of the following is the MOST important reason to maintain key risk indicators (KRIs)?
Which of the following is the MOST important reason to maintain key risk indicators (KRIs)?A . In order to avoid riskB . Complex metrics require fine-tuningC . Risk reports need to be timelyD . Threats and vulnerabilities change over timeView AnswerAnswer: D Explanation: Threats and vulnerabilities change over time and...
What type of risk response has David adopted?
David is the project manager of the HRC Project. He has identified a risk in the project, which could cause the delay in the project. David does not want this risk event to happen so he takes few actions to ensure that the risk event will not happen. These extra...
What type of risk response is this?
Wendy has identified a risk event in her project that has an impact of $75,000 and a 60 percent chance of happening. Through research, her project team learns that the risk impact can actually be reduced to just $15,000 with only a ten percent chance of occurring. The proposed solution...
Which of the following is described by the definition given below?
Which of the following is described by the definition given below? "It is the expected guaranteed value of taking a risk."A . Certainty equivalent valueB . Risk premiumC . Risk value guaranteeD . Certain value assuranceView AnswerAnswer: A Explanation: The Certainty equivalent value is the expected guaranteed value of taking...
Which of the following is the MOST important objective of the information system control?
Which of the following is the MOST important objective of the information system control?A . Business objectives are achieved and undesired risk events are detected and correctedB . Ensuring effective and efficient operationsC . Developing business continuity and disaster recovery plansD . Safeguarding assetsView AnswerAnswer: A Explanation: The basic purpose...
What risk identification method could you use?
Your project spans the entire organization. You would like to assess the risk of your project but worried about that some of the managers involved in the project could affect the outcome of any risk identification meeting. Your consideration is based on the fact that some employees would not want...
What are the PRIMARY requirements for developing risk scenarios?
What are the PRIMARY requirements for developing risk scenarios? Each correct answer represents a part of the solution. Choose two.A . Potential threats and vulnerabilities that could lead to loss eventsB . Determination of the value of an asset at riskC . Determination of actors that has potential to generate...
Which of the following statements is NOT true regarding the risk management plan?
Which of the following statements is NOT true regarding the risk management plan?A . The risk management plan is an output of the Plan Risk Management process.B . The risk management plan is an input to all the remaining risk-planning processes.C . The risk management plan includes a description of...
Which of the following role carriers is accounted for analyzing risks, maintaining risk profile, and risk-aware decisions?
Which of the following role carriers is accounted for analyzing risks, maintaining risk profile, and risk-aware decisions?A . Business managementB . Business process ownerC . Chief information officer (CIO)D . Chief risk officer (CRO)View AnswerAnswer: D Explanation: Business management is the business individuals with roles relating to managing a program....
Which of the following risk management techniques is your company using?
Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?A . Risk transferB . Risk acceptanceC . Risk avoidanceD . Risk mitigationView...
