ExamGecko
Login
Home / Isaca / CRISC / List of questions
Ask Question

Isaca CRISC Practice Test - Questions Answers, Page 38

Add to Whishlist

List of questions

Question 371

Report Export Collapse

Which of the following IT key risk indicators (KRIs) provides management with the BEST feedback on IT capacity?

Become a Premium Member for full access
  Unlock Premium Member

Question 372

Report Export Collapse

A risk owner has accepted a high-impact risk because the control was adversely affecting process efficiency. Before updating the risk register, it is MOST important for the risk practitioner to:

Become a Premium Member for full access
  Unlock Premium Member

Question 373

Report Export Collapse

Controls should be defined during the design phase of system development because:

Become a Premium Member for full access
  Unlock Premium Member

Question 374

Report Export Collapse

Which of the following would present the GREATEST challenge when assigning accountability for control ownership?

Become a Premium Member for full access
  Unlock Premium Member

Question 375

Report Export Collapse

Which of the following would MOST likely result in updates to an IT risk appetite statement?

Become a Premium Member for full access
  Unlock Premium Member

Question 376

Report Export Collapse

The risk associated with a high-risk vulnerability in an application is owned by the:

Become a Premium Member for full access
  Unlock Premium Member

Question 377

Report Export Collapse

An organization's internal audit department is considering the implementation of robotics process automation (RPA) to automate certain continuous auditing tasks. Who would own the risk associated with ineffective design of the software bots?

Become a Premium Member for full access
  Unlock Premium Member

Question 378

Report Export Collapse

Which of the following BEST helps to identify significant events that could impact an organization?

Vulnerability analysis

Become a Premium Member for full access
  Unlock Premium Member

Question 379

Report Export Collapse

Which of the following is the BEST key performance indicator (KPI) for determining how well an IT policy is aligned to business requirements?

Become a Premium Member for full access
  Unlock Premium Member

Question 380

Report Export Collapse

Which of the following provides the BEST evidence that risk mitigation plans have been implemented effectively?

Become a Premium Member for full access
  Unlock Premium Member
Total 1.573 questions
Go to page: of 158
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is MOST important to determine when assessing the potential risk exposure of a loss event involving personal data?
Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
When reviewing management's IT control self-assessments, a risk practitioner noted an ineffective control that links to several low residual risk scenarios. What should be the NEXT course of action?
An effective control environment is BEST indicated by controls that:
A global organization is considering the acquisition of a competitor. Senior management has requested a review of the overall risk profile from the targeted organization. Which of the following components of this review would provide the MOST useful information?
Which of the following is the MOST effective way to integrate business risk management with IT operations?
During testing, a risk practitioner finds the IT department's recovery time objective (RTO) for a key system does not align with the enterprise's business continuity plan (BCP). Which of the following should be done NEXT?
The BEST key performance indicator (KPI) to measure the effectiveness of a backup process would be the number of:
During an IT risk scenario review session, business executives question why they have been assigned ownership of IT-related risk scenarios. They feel IT risk is technical in nature and therefore should be owned by IT. Which of the following is the BEST way for the risk practitioner to address these concerns?
Which of the following is the BEST course of action when an organization wants to reduce likelihood in order to reduce a risk level?