Isaca CRISC Practice Test - Questions Answers, Page 139
List of questions
Question 1381

Which of the following provides the BEST evidence that risk responses are effective?
Question 1382

An organization has an internal control that requires all access for employees be removed within 15 days of their termination date. Which of the following should the risk practitioner use to monitor adherence to the 15-day threshold?
Question 1383

Which of the following is the BEST indication that key risk indicators (KRIs) should be revised?
Question 1384

Which of the following is the MOST useful information an organization can obtain from external sources about emerging threats?
Question 1385

After conducting a risk assessment for regulatory compliance, an organization has identified only one possible mitigating control. The cost of the control has been determined to be higher than the penalty of noncompliance. Which of the following would be the risk practitioner's BEST recommendation?
Question 1386

Which of the following is the BEST approach when a risk treatment plan cannot be completed on time?
Question 1387

Which of the following should be done FIRST when a new risk scenario has been identified
Question 1388

Which of the following activities is a responsibility of the second line of defense?
Question 1389

Which of the following is MOST important requirement to include in a Software as a Service (SaaS) vendor contract to ensure data is protected?
Question 1390

Which of the following offers the SIMPLEST overview of changes in an organization's risk profile?
Question