ExamGecko
Login
Home / Isaca / CRISC / List of questions
Ask Question

Isaca CRISC Practice Test - Questions Answers, Page 121

List of questions

Question 1201

Report Export Collapse

Which of the following is the MOST essential factor for managing risk in a highly dynamic environment?

Become a Premium Member for full access
  Unlock Premium Member

Question 1202

Report Export Collapse

Who should be responsible for approving the cost of controls to be implemented for mitigating risk?

Become a Premium Member for full access
  Unlock Premium Member

Question 1203

Report Export Collapse

An organization recently experienced a cyber attack that resulted in the loss of confidential customer data. Which of the following is the risk practitioner's BEST recommendation after recovery steps have been completed?

Become a Premium Member for full access
  Unlock Premium Member

Question 1204

Report Export Collapse

An organization wants to transfer risk by purchasing cyber insurance. Which of the following would be MOST important for the risk practitioner to communicate to senior management for contract negotiation purposes?

Become a Premium Member for full access
  Unlock Premium Member

Question 1205

Report Export Collapse

An organizational policy requires critical security patches to be deployed in production within three weeks of patch availability. Which of the following is the BEST metric to verify adherence to the policy?

Become a Premium Member for full access
  Unlock Premium Member

Question 1206

Report Export Collapse

Which of the following is the ULTIMATE objective of utilizing key control indicators (KCIs) in the risk management process?

Become a Premium Member for full access
  Unlock Premium Member

Question 1207

Report Export Collapse

Risk mitigation is MOST effective when which of the following is optimized?

Become a Premium Member for full access
  Unlock Premium Member

Question 1208

Report Export Collapse

An organization has been made aware of a newly discovered critical vulnerability in a regulatory reporting system. Which of the following is the risk practitioner's BEST course of action?

Become a Premium Member for full access
  Unlock Premium Member

Question 1209

Report Export Collapse

An organization's capability to implement a risk management framework is PRIMARILY influenced by the:

Become a Premium Member for full access
  Unlock Premium Member

Question 1210

Report Export Collapse

Which of the following BEST supports the management of identified risk scenarios?

Become a Premium Member for full access
  Unlock Premium Member
Total 1.573 questions
Go to page: of 158
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is MOST important to determine when assessing the potential risk exposure of a loss event involving personal data?
Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
When reviewing management's IT control self-assessments, a risk practitioner noted an ineffective control that links to several low residual risk scenarios. What should be the NEXT course of action?
An effective control environment is BEST indicated by controls that:
A global organization is considering the acquisition of a competitor. Senior management has requested a review of the overall risk profile from the targeted organization. Which of the following components of this review would provide the MOST useful information?
Which of the following is the MOST effective way to integrate business risk management with IT operations?
During testing, a risk practitioner finds the IT department's recovery time objective (RTO) for a key system does not align with the enterprise's business continuity plan (BCP). Which of the following should be done NEXT?
The BEST key performance indicator (KPI) to measure the effectiveness of a backup process would be the number of:
During an IT risk scenario review session, business executives question why they have been assigned ownership of IT-related risk scenarios. They feel IT risk is technical in nature and therefore should be owned by IT. Which of the following is the BEST way for the risk practitioner to address these concerns?
Which of the following is the BEST course of action when an organization wants to reduce likelihood in order to reduce a risk level?