Isaca CRISC Practice Test - Questions Answers, Page 140
List of questions
Question 1391

A risk practitioner is defining metrics for security threats that were not identified by antivirus software. Which type of metric is being developed?
Question 1392

Which of the following BEST mitigates ethical risk?
Question 1393

Which process is MOST effective to determine relevance of threats for risk scenarios?
Question 1394

Which of the following is the BEST approach for obtaining management buy-in to implement additional IT controls?
Question 1395

Which of the following is the MOST important consideration for the board and senior leadership regarding the organization's approach to risk management for emerging technologies?
Question 1396

An organization recently implemented an automated interface for uploading payment files to its banking system to replace manual processing. Which of the following elements of the risk register is MOST appropriate for the risk practitioner to update to reflect the improved control?
Question 1397

A data center has recently been migrated to a jurisdiction where heavy fines will be imposed should leakage of customer personal data occur. Assuming no other changes to the operating environment, which factor should be updated to reflect this situation as an input to scenario development for this particular risk event?
Question 1398

Which of the following is MOST important to review when an organization needs to transition the majority of its employees to remote work during a crisis?
Question 1399

Reviewing which of the following would provide the MOST useful information when preparing to evaluate the effectiveness of existing controls?
Question 1400

Which of the following BEST enables the integration of IT risk management across an organization?
Question