ExamGecko
Login
Home / Isaca / CRISC / List of questions
Ask Question

Isaca CRISC Practice Test - Questions Answers, Page 3

Add to Whishlist

List of questions

Question 21

Report Export Collapse

Which of the following would BEST help to ensure that identified risk is efficiently managed?

Reviewing the maturity of the control environment
Reviewing the maturity of the control environment
Regularly monitoring the project plan
Regularly monitoring the project plan
Maintaining a key risk indicator for each asset in the risk register
Maintaining a key risk indicator for each asset in the risk register
Periodically reviewing controls per the risk treatment plan
Periodically reviewing controls per the risk treatment plan
Suggested answer: D
asked 18/09/2024
Brooke Galiata
36 questions

Question 22

Report Export Collapse

The head of a business operations department asks to review the entire IT risk register. Which of the following would be the risk manager s BEST approach to this request before sharing the register?

Escalate to senior management
Escalate to senior management
Require a nondisclosure agreement.
Require a nondisclosure agreement.
Sanitize portions of the register
Sanitize portions of the register
Determine the purpose of the request
Determine the purpose of the request
Suggested answer: D
asked 18/09/2024
Oktorio Rizki Prasetya
48 questions

Question 23

Report Export Collapse

Which of the following techniques would be used during a risk assessment to demonstrate to stakeholders that all known alternatives were evaluated?

Control chart
Control chart
Sensitivity analysis
Sensitivity analysis
Trend analysis
Trend analysis
Decision tree
Decision tree
Suggested answer: D
asked 18/09/2024
Anil Dagar
45 questions

Question 24

Report Export Collapse

During a routine check, a system administrator identifies unusual activity indicating an intruder within a firewall. Which of the following controls has MOST likely been compromised?

Data validation
Data validation
Identification
Identification
Authentication
Authentication
Data integrity
Data integrity
Suggested answer: C
asked 18/09/2024
umar raad
38 questions

Question 25

Report Export Collapse

Which of the following BEST describes the role of the IT risk profile in strategic IT-related decisions?

It compares performance levels of IT assets to value delivered.
It compares performance levels of IT assets to value delivered.
It facilitates the alignment of strategic IT objectives to business objectives.
It facilitates the alignment of strategic IT objectives to business objectives.
It provides input to business managers when preparing a business case for new IT projects.
It provides input to business managers when preparing a business case for new IT projects.
It helps assess the effects of IT decisions on risk exposure
It helps assess the effects of IT decisions on risk exposure
Suggested answer: B
asked 18/09/2024
Glen Makhuvele
41 questions

Question 26

Report Export Collapse

Which of the following changes would be reflected in an organization's risk profile after the failure of a critical patch implementation?

Risk tolerance is decreased.
Risk tolerance is decreased.
Residual risk is increased.
Residual risk is increased.
Inherent risk is increased.
Inherent risk is increased.
Risk appetite is decreased
Risk appetite is decreased
Suggested answer: B
asked 18/09/2024
Kefash White
45 questions

Question 27

Report Export Collapse

Which of the following activities would BEST contribute to promoting an organization-wide risk-aware culture?

Performing a benchmark analysis and evaluating gaps
Performing a benchmark analysis and evaluating gaps
Conducting risk assessments and implementing controls
Conducting risk assessments and implementing controls
Communicating components of risk and their acceptable levels
Communicating components of risk and their acceptable levels
Participating in peer reviews and implementing best practices
Participating in peer reviews and implementing best practices
Suggested answer: C
asked 18/09/2024
Tanvir Anjum
45 questions

Question 28

Report Export Collapse

Which of the following is the MAIN reason for documenting the performance of controls?

Obtaining management sign-off
Obtaining management sign-off
Demonstrating effective risk mitigation
Demonstrating effective risk mitigation
Justifying return on investment
Justifying return on investment
Providing accurate risk reporting
Providing accurate risk reporting
Suggested answer: D
asked 18/09/2024
Tyrome Myatt
43 questions

Question 29

Report Export Collapse

When using a third party to perform penetration testing, which of the following is the MOST important control to minimize operational impact?

Perform a background check on the vendor.
Perform a background check on the vendor.
Require the vendor to sign a nondisclosure agreement.
Require the vendor to sign a nondisclosure agreement.
Require the vendor to have liability insurance.
Require the vendor to have liability insurance.
Clearly define the project scope
Clearly define the project scope
Suggested answer: D
asked 18/09/2024
Rajeev Parameswaran
44 questions

Question 30

Report Export Collapse

Which of the following attributes of a key risk indicator (KRI) is MOST important?

Repeatable
Repeatable
Automated
Automated
Quantitative
Quantitative
Qualitative
Qualitative
Suggested answer: A
asked 18/09/2024
Mark Anthony Simon
47 questions
Total 1.573 questions
Go to page: of 158
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is MOST important to determine when assessing the potential risk exposure of a loss event involving personal data?
Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
When reviewing management's IT control self-assessments, a risk practitioner noted an ineffective control that links to several low residual risk scenarios. What should be the NEXT course of action?
An effective control environment is BEST indicated by controls that:
A global organization is considering the acquisition of a competitor. Senior management has requested a review of the overall risk profile from the targeted organization. Which of the following components of this review would provide the MOST useful information?
Which of the following is the MOST effective way to integrate business risk management with IT operations?
During testing, a risk practitioner finds the IT department's recovery time objective (RTO) for a key system does not align with the enterprise's business continuity plan (BCP). Which of the following should be done NEXT?
The BEST key performance indicator (KPI) to measure the effectiveness of a backup process would be the number of:
During an IT risk scenario review session, business executives question why they have been assigned ownership of IT-related risk scenarios. They feel IT risk is technical in nature and therefore should be owned by IT. Which of the following is the BEST way for the risk practitioner to address these concerns?
Which of the following is the BEST course of action when an organization wants to reduce likelihood in order to reduce a risk level?