Isaca CRISC Practice Test - Questions Answers, Page 114

List of questions
Question 1131

To define the risk management strategy, which of the following MUST be set by the board of directors?
Question 1132

An information security audit identified a risk resulting from the failure of an automated control. Who is responsible for ensuring the risk register is updated accordingly?
Question 1133

Which of the following is the PRIMARY reason to engage business unit managers in risk management processes?
Question 1134

An organization retains footage from its data center security camera for 30 days when the policy requires 90-day retention. The business owner challenges whether the situation is worth remediating. Which of the following is the risk manager's BEST response?
Question 1135

An organization has been experiencing an increasing number of spear phishing attacks. Which of the following would be the MOST effective way to mitigate the risk associated with these attacks?
Question 1136

During a risk assessment, a risk practitioner learns that an IT risk factor is adequately mitigated by compensating controls in an associated business process. Which of the following would enable the MOST effective management of the residual risk?
Question 1137

Who should be responsible for determining which stakeholders need to be involved in the development of a risk scenario?
Question 1138

Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
Question 1139

Which of the following is the GREATEST benefit of having a mature enterprise architecture (EA) in place?
Question 1140

Which of the following would provide the MOST useful input when evaluating the appropriateness of risk responses?