ExamGecko
Login
Home / Isaca / CRISC / List of questions
Ask Question

Isaca CRISC Practice Test - Questions Answers, Page 25

Add to Whishlist

List of questions

Question 241

Report Export Collapse

Which of the following is the MOST important input when developing risk scenarios?

Key performance indicators
Key performance indicators
Business objectives
Business objectives
The organization's risk framework
The organization's risk framework
Risk appetite
Risk appetite
Suggested answer: B
asked 18/09/2024
Edmond Chui
39 questions

Question 242

Report Export Collapse

Which of the following is the GREATEST concern associated with the transmission of healthcare data across the internet?

Unencrypted data
Unencrypted data
Lack of redundant circuits
Lack of redundant circuits
Low bandwidth connections
Low bandwidth connections
Data integrity
Data integrity
Suggested answer: A
asked 18/09/2024
Maher Khamessi
33 questions

Question 243

Report Export Collapse

Which of the following should be included in a risk assessment report to BEST facilitate senior management's understanding of the results?

Benchmarking parameters likely to affect the results
Benchmarking parameters likely to affect the results
Tools and techniques used by risk owners to perform the assessments
Tools and techniques used by risk owners to perform the assessments
A risk heat map with a summary of risk identified and assessed
A risk heat map with a summary of risk identified and assessed
The possible impact of internal and external risk factors on the assessment results
The possible impact of internal and external risk factors on the assessment results
Suggested answer: C
asked 18/09/2024
Arvind Prasad S
48 questions

Question 244

Report Export Collapse

The MOST important reason to aggregate results from multiple risk assessments on interdependent information systems is to:

establish overall impact to the organization
establish overall impact to the organization
efficiently manage the scope of the assignment
efficiently manage the scope of the assignment
identify critical information systems
identify critical information systems
facilitate communication to senior management
facilitate communication to senior management
Suggested answer: A
asked 18/09/2024
Arnaldo Martinez 2-30793
48 questions

Question 245

Report Export Collapse

Which of the following would be MOST relevant to stakeholders regarding ineffective control implementation?

Threat to IT
Threat to IT
Number of control failures
Number of control failures
Impact on business
Impact on business
Risk ownership
Risk ownership
Suggested answer: C
asked 18/09/2024
Andrey Zhukovskiy
45 questions

Question 246

Report Export Collapse

During a risk assessment, the risk practitioner finds a new risk scenario without controls has been entered into the risk register. Which of the following is the MOST appropriate action?

Include the new risk scenario in the current risk assessment.
Include the new risk scenario in the current risk assessment.
Postpone the risk assessment until controls are identified.
Postpone the risk assessment until controls are identified.
Request the risk scenario be removed from the register.
Request the risk scenario be removed from the register.
Exclude the new risk scenario from the current risk assessment
Exclude the new risk scenario from the current risk assessment
Suggested answer: A
asked 18/09/2024
alejandro capel
56 questions

Question 247

Report Export Collapse

Which of the following should be initiated when a high number of noncompliant conditions are observed during review of a control procedure?

Disciplinary action
Disciplinary action
A control self-assessment
A control self-assessment
A review of the awareness program
A review of the awareness program
Root cause analysis
Root cause analysis
Suggested answer: D
asked 18/09/2024
Ed Quinn
38 questions

Question 248

Report Export Collapse

A new policy has been published to forbid copying of data onto removable medi a. Which type of control has been implemented?

Preventive
Preventive
Detective
Detective
Directive
Directive
Deterrent
Deterrent
Suggested answer: C
asked 18/09/2024
Rahul Biradavolu
47 questions

Question 249

Report Export Collapse

Which of the following is the BEST indicator of the effectiveness of a control monitoring program?

Time between control failure and failure detection
Time between control failure and failure detection
Number of key controls as a percentage of total control count
Number of key controls as a percentage of total control count
Time spent on internal control assessment reviews
Time spent on internal control assessment reviews
Number of internal control failures within the measurement period
Number of internal control failures within the measurement period
Suggested answer: A
asked 18/09/2024
Anna Fagulova
39 questions

Question 250

Report Export Collapse

Which of the following provides The MOST useful information when determining a risk management program's maturity level?

Risk assessment results
Risk assessment results
A recently reviewed risk register
A recently reviewed risk register
Key performance indicators (KPIs)
Key performance indicators (KPIs)
The organization's risk framework
The organization's risk framework
Suggested answer: A
asked 18/09/2024
Lee Greenshields
42 questions
Total 1.573 questions
Go to page: of 158
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is MOST important to determine when assessing the potential risk exposure of a loss event involving personal data?
Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
When reviewing management's IT control self-assessments, a risk practitioner noted an ineffective control that links to several low residual risk scenarios. What should be the NEXT course of action?
An effective control environment is BEST indicated by controls that:
A global organization is considering the acquisition of a competitor. Senior management has requested a review of the overall risk profile from the targeted organization. Which of the following components of this review would provide the MOST useful information?
Which of the following is the MOST effective way to integrate business risk management with IT operations?
During testing, a risk practitioner finds the IT department's recovery time objective (RTO) for a key system does not align with the enterprise's business continuity plan (BCP). Which of the following should be done NEXT?
The BEST key performance indicator (KPI) to measure the effectiveness of a backup process would be the number of:
During an IT risk scenario review session, business executives question why they have been assigned ownership of IT-related risk scenarios. They feel IT risk is technical in nature and therefore should be owned by IT. Which of the following is the BEST way for the risk practitioner to address these concerns?
Which of the following is the BEST course of action when an organization wants to reduce likelihood in order to reduce a risk level?