ExamGecko
Login
Home / Isaca / CRISC / List of questions
Ask Question

Isaca CRISC Practice Test - Questions Answers, Page 108

Add to Whishlist

List of questions

Question 1071

Report Export Collapse

Risk appetite should be PRIMARILY driven by which of the following?

Become a Premium Member for full access
  Unlock Premium Member

Question 1072

Report Export Collapse

What is the MAIN benefit of using a top-down approach to develop risk scenarios?

Become a Premium Member for full access
  Unlock Premium Member

Question 1073

Report Export Collapse

A zero-day vulnerability has been discovered in a globally used brand of hardware server that allows hackers to gain access to affected IT systems. Which of the following is MOST likely to change as a result of this situation?

Become a Premium Member for full access
  Unlock Premium Member

Question 1074

Report Export Collapse

When developing a response plan to address security incidents regarding sensitive data loss, it is MOST important

Become a Premium Member for full access
  Unlock Premium Member

Question 1075

Report Export Collapse

Which of the following potential scenarios associated with the implementation of a new database technology presents the GREATEST risk to an organization?

Become a Premium Member for full access
  Unlock Premium Member

Question 1076

Report Export Collapse

After entering a large number of low-risk scenarios into the risk register, it is MOST important for the risk practitioner to:

Become a Premium Member for full access
  Unlock Premium Member

Question 1077

Report Export Collapse

Which of the following provides the MOST reliable evidence of a control's effectiveness?

Become a Premium Member for full access
  Unlock Premium Member

Question 1078

Report Export Collapse

Which of the following BEST reduces the risk associated with the theft of a laptop containing sensitive information?

Become a Premium Member for full access
  Unlock Premium Member

Question 1079

Report Export Collapse

An organization has asked an IT risk practitioner to conduct an operational risk assessment on an initiative to outsource the organization's customer service operations overseas. Which of the following would MOST significantly impact management's decision?

Become a Premium Member for full access
  Unlock Premium Member

Question 1080

Report Export Collapse

Which of the following is the MOST effective way for a large and diversified organization to minimize risk associated with unauthorized software on company devices?

Become a Premium Member for full access
  Unlock Premium Member
Total 1.573 questions
Go to page: of 158
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is MOST important to determine when assessing the potential risk exposure of a loss event involving personal data?
Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
When reviewing management's IT control self-assessments, a risk practitioner noted an ineffective control that links to several low residual risk scenarios. What should be the NEXT course of action?
An effective control environment is BEST indicated by controls that:
A global organization is considering the acquisition of a competitor. Senior management has requested a review of the overall risk profile from the targeted organization. Which of the following components of this review would provide the MOST useful information?
Which of the following is the MOST effective way to integrate business risk management with IT operations?
During testing, a risk practitioner finds the IT department's recovery time objective (RTO) for a key system does not align with the enterprise's business continuity plan (BCP). Which of the following should be done NEXT?
The BEST key performance indicator (KPI) to measure the effectiveness of a backup process would be the number of:
During an IT risk scenario review session, business executives question why they have been assigned ownership of IT-related risk scenarios. They feel IT risk is technical in nature and therefore should be owned by IT. Which of the following is the BEST way for the risk practitioner to address these concerns?
Which of the following is the BEST course of action when an organization wants to reduce likelihood in order to reduce a risk level?