Isaca CRISC Practice Test - Questions Answers, Page 114
List of questions
To define the risk management strategy, which of the following MUST be set by the board of directors?
An information security audit identified a risk resulting from the failure of an automated control. Who is responsible for ensuring the risk register is updated accordingly?
Which of the following is the PRIMARY reason to engage business unit managers in risk management processes?
An organization retains footage from its data center security camera for 30 days when the policy requires 90-day retention. The business owner challenges whether the situation is worth remediating. Which of the following is the risk manager's BEST response?
An organization has been experiencing an increasing number of spear phishing attacks. Which of the following would be the MOST effective way to mitigate the risk associated with these attacks?
During a risk assessment, a risk practitioner learns that an IT risk factor is adequately mitigated by compensating controls in an associated business process. Which of the following would enable the MOST effective management of the residual risk?
Who should be responsible for determining which stakeholders need to be involved in the development of a risk scenario?
Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
Which of the following is the GREATEST benefit of having a mature enterprise architecture (EA) in place?
Which of the following would provide the MOST useful input when evaluating the appropriateness of risk responses?