ExamGecko
Login
Home / Isaca / CRISC / List of questions
Ask Question

Isaca CRISC Practice Test - Questions Answers, Page 43

Add to Whishlist

List of questions

Question 421

Report Export Collapse

To mitigate the risk of using a spreadsheet to analyze financial data, IT has engaged a third-party vendor to deploy a standard application to automate the process. Which of the following parties should own the risk associated with calculation errors?

Become a Premium Member for full access
  Unlock Premium Member

Question 422

Report Export Collapse

A risk practitioner shares the results of a vulnerability assessment for a critical business application with the business manager. Which of the following is the NEXT step?

Become a Premium Member for full access
  Unlock Premium Member

Question 423

Report Export Collapse

Which of the following provides the MOST helpful reference point when communicating the results of a risk assessment to stakeholders?

Become a Premium Member for full access
  Unlock Premium Member

Question 424

Report Export Collapse

Which of the following is MOST influential when management makes risk response decisions?

Become a Premium Member for full access
  Unlock Premium Member

Question 425

Report Export Collapse

The risk appetite for an organization could be derived from which of the following?

Become a Premium Member for full access
  Unlock Premium Member

Question 426

Report Export Collapse

A third-party vendor has offered to perform user access provisioning and termination. Which of the following control accountabilities is BEST retained within the organization?

Become a Premium Member for full access
  Unlock Premium Member

Question 427

Report Export Collapse

Which of the following BEST reduces the probability of laptop theft?

Become a Premium Member for full access
  Unlock Premium Member

Question 428

Report Export Collapse

Which of the following resources is MOST helpful when creating a manageable set of IT risk scenarios?

Become a Premium Member for full access
  Unlock Premium Member

Question 429

Report Export Collapse

The BEST key performance indicator (KPI) to measure the effectiveness of a vendor risk management program is the percentage of:

Become a Premium Member for full access
  Unlock Premium Member

Question 430

Report Export Collapse

What is the MOST important consideration when aligning IT risk management with the enterprise risk management (ERM) framework?

Become a Premium Member for full access
  Unlock Premium Member
Total 1.573 questions
Go to page: of 158
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is MOST important to determine when assessing the potential risk exposure of a loss event involving personal data?
Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
When reviewing management's IT control self-assessments, a risk practitioner noted an ineffective control that links to several low residual risk scenarios. What should be the NEXT course of action?
An effective control environment is BEST indicated by controls that:
A global organization is considering the acquisition of a competitor. Senior management has requested a review of the overall risk profile from the targeted organization. Which of the following components of this review would provide the MOST useful information?
Which of the following is the MOST effective way to integrate business risk management with IT operations?
During testing, a risk practitioner finds the IT department's recovery time objective (RTO) for a key system does not align with the enterprise's business continuity plan (BCP). Which of the following should be done NEXT?
The BEST key performance indicator (KPI) to measure the effectiveness of a backup process would be the number of:
During an IT risk scenario review session, business executives question why they have been assigned ownership of IT-related risk scenarios. They feel IT risk is technical in nature and therefore should be owned by IT. Which of the following is the BEST way for the risk practitioner to address these concerns?
Which of the following is the BEST course of action when an organization wants to reduce likelihood in order to reduce a risk level?