ExamGecko
Login
Home / Isaca / CRISC / List of questions
Ask Question

Isaca CRISC Practice Test - Questions Answers, Page 39

Add to Whishlist

List of questions

Question 381

Report Export Collapse

Which of the following is the PRIMARY responsibility of the first line of defense related to computer-enabled fraud?

Become a Premium Member for full access
  Unlock Premium Member

Question 382

Report Export Collapse

Mapping open risk issues to an enterprise risk heat map BEST facilitates:

Become a Premium Member for full access
  Unlock Premium Member

Question 383

Report Export Collapse

Which of the following BEST enables the risk profile to serve as an effective resource to support business objectives?

Become a Premium Member for full access
  Unlock Premium Member

Question 384

Report Export Collapse

Which of the following will BEST ensure that information security risk factors are mitigated when developing in-house applications?

Become a Premium Member for full access
  Unlock Premium Member

Question 385

Report Export Collapse

An organization has identified that terminated employee accounts are not disabled or deleted within the time required by corporate policy. Unsure of the reason, the organization has decided to monitor the situation for three months to obtain more information. As a result of this decision, the risk has been:

Become a Premium Member for full access
  Unlock Premium Member

Question 386

Report Export Collapse

Which of the following is MOST effective in continuous risk management process improvement?

Become a Premium Member for full access
  Unlock Premium Member

Question 387

Report Export Collapse

Which of the following would provide executive management with the BEST information to make risk decisions as a result of a risk assessment?

Become a Premium Member for full access
  Unlock Premium Member

Question 388

Report Export Collapse

Implementing which of the following controls would BEST reduce the impact of a vulnerability that has been exploited?

Become a Premium Member for full access
  Unlock Premium Member

Question 389

Report Export Collapse

What should be the PRIMARY objective for a risk practitioner performing a post-implementation review of an IT risk mitigation project?

Become a Premium Member for full access
  Unlock Premium Member

Question 390

Report Export Collapse

Which of the following is MOST important when discussing risk within an organization?

Become a Premium Member for full access
  Unlock Premium Member
Total 1.573 questions
Go to page: of 158
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is MOST important to determine when assessing the potential risk exposure of a loss event involving personal data?
Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
When reviewing management's IT control self-assessments, a risk practitioner noted an ineffective control that links to several low residual risk scenarios. What should be the NEXT course of action?
An effective control environment is BEST indicated by controls that:
A global organization is considering the acquisition of a competitor. Senior management has requested a review of the overall risk profile from the targeted organization. Which of the following components of this review would provide the MOST useful information?
Which of the following is the MOST effective way to integrate business risk management with IT operations?
During testing, a risk practitioner finds the IT department's recovery time objective (RTO) for a key system does not align with the enterprise's business continuity plan (BCP). Which of the following should be done NEXT?
The BEST key performance indicator (KPI) to measure the effectiveness of a backup process would be the number of:
During an IT risk scenario review session, business executives question why they have been assigned ownership of IT-related risk scenarios. They feel IT risk is technical in nature and therefore should be owned by IT. Which of the following is the BEST way for the risk practitioner to address these concerns?
Which of the following is the BEST course of action when an organization wants to reduce likelihood in order to reduce a risk level?