ExamGecko
Login
Home / Isaca / CRISC / List of questions
Ask Question

Isaca CRISC Practice Test - Questions Answers, Page 40

Add to Whishlist

List of questions

Question 391

Report Export Collapse

Which of the following should an organization perform to forecast the effects of a disaster?

Become a Premium Member for full access
  Unlock Premium Member

Question 392

Report Export Collapse

Which of the following can be used to assign a monetary value to risk?

Become a Premium Member for full access
  Unlock Premium Member

Question 393

Report Export Collapse

A recent internal risk review reveals the majority of core IT application recovery time objectives (RTOs) have exceeded the maximum time defined by the business application owners. Which of the following is MOST likely to change as a result?

Become a Premium Member for full access
  Unlock Premium Member

Question 394

Report Export Collapse

A business manager wants to leverage an existing approved vendor solution from another area within the organization. Which of the following is the risk practitioner's BEST course of action?

Become a Premium Member for full access
  Unlock Premium Member

Question 395

Report Export Collapse

It is MOST important to the effectiveness of an IT risk management function that the associated processes are:

Become a Premium Member for full access
  Unlock Premium Member

Question 396

Report Export Collapse

A department has been granted an exception to bypass the existing approval process for purchase orders. The risk practitioner should verify the exception has been approved by which of the following?

Become a Premium Member for full access
  Unlock Premium Member

Question 397

Report Export Collapse

Which of the following would be MOST beneficial as a key risk indicator (KRI)?

Become a Premium Member for full access
  Unlock Premium Member

Question 398

Report Export Collapse

Of the following, who should be responsible for determining the inherent risk rating of an application?

Become a Premium Member for full access
  Unlock Premium Member

Question 399

Report Export Collapse

Which of the following would provide the MOST comprehensive information for updating an organization's risk register?

Become a Premium Member for full access
  Unlock Premium Member

Question 400

Report Export Collapse

Which of the following statements in an organization's current risk profile report is cause for further action by senior management?

Become a Premium Member for full access
  Unlock Premium Member
Total 1.573 questions
Go to page: of 158
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is MOST important to determine when assessing the potential risk exposure of a loss event involving personal data?
Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
When reviewing management's IT control self-assessments, a risk practitioner noted an ineffective control that links to several low residual risk scenarios. What should be the NEXT course of action?
An effective control environment is BEST indicated by controls that:
A global organization is considering the acquisition of a competitor. Senior management has requested a review of the overall risk profile from the targeted organization. Which of the following components of this review would provide the MOST useful information?
Which of the following is the MOST effective way to integrate business risk management with IT operations?
During testing, a risk practitioner finds the IT department's recovery time objective (RTO) for a key system does not align with the enterprise's business continuity plan (BCP). Which of the following should be done NEXT?
The BEST key performance indicator (KPI) to measure the effectiveness of a backup process would be the number of:
During an IT risk scenario review session, business executives question why they have been assigned ownership of IT-related risk scenarios. They feel IT risk is technical in nature and therefore should be owned by IT. Which of the following is the BEST way for the risk practitioner to address these concerns?
Which of the following is the BEST course of action when an organization wants to reduce likelihood in order to reduce a risk level?