ExamGecko
Login
Home / Isaca / CRISC / List of questions
Ask Question

Isaca CRISC Practice Test - Questions Answers, Page 45

Add to Whishlist

List of questions

Question 441

Report Export Collapse

Which of the following will MOST improve stakeholders' understanding of the effect of a potential threat?

Become a Premium Member for full access
  Unlock Premium Member

Question 442

Report Export Collapse

A risk practitioner has just learned about new done FIRST?

Become a Premium Member for full access
  Unlock Premium Member

Question 443

Report Export Collapse

When testing the security of an IT system, il is MOST important to ensure that;

Become a Premium Member for full access
  Unlock Premium Member

Question 444

Report Export Collapse

Which of the following risk scenarios would be the GREATEST concern as a result of a single sign-on implementation?

Become a Premium Member for full access
  Unlock Premium Member

Question 445

Report Export Collapse

Which of the following would provide the MOST objective assessment of the effectiveness of an organization's security controls?

Become a Premium Member for full access
  Unlock Premium Member

Question 446

Report Export Collapse

A risk owner has identified a risk with high impact and very low likelihood. The potential loss is covered by insurance. Which of the following should the risk practitioner do NEXT?

Become a Premium Member for full access
  Unlock Premium Member

Question 447

Report Export Collapse

A maturity model will BEST indicate:

Become a Premium Member for full access
  Unlock Premium Member

Question 448

Report Export Collapse

An organization has recently updated its disaster recovery plan (DRP). Which of the following would be the GREATEST risk if the new plan is not tested?

Become a Premium Member for full access
  Unlock Premium Member

Question 449

Report Export Collapse

What are the MOST important criteria to consider when developing a data classification scheme to facilitate risk assessment and the prioritization of risk mitigation activities?

Become a Premium Member for full access
  Unlock Premium Member

Question 450

Report Export Collapse

A control owner identifies that the organization's shared drive contains personally identifiable information (Pll) that can be accessed by all personnel. Which of the following is the MOST effective risk response?

Become a Premium Member for full access
  Unlock Premium Member
Total 1.573 questions
Go to page: of 158
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is MOST important to determine when assessing the potential risk exposure of a loss event involving personal data?
Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
When reviewing management's IT control self-assessments, a risk practitioner noted an ineffective control that links to several low residual risk scenarios. What should be the NEXT course of action?
An effective control environment is BEST indicated by controls that:
A global organization is considering the acquisition of a competitor. Senior management has requested a review of the overall risk profile from the targeted organization. Which of the following components of this review would provide the MOST useful information?
Which of the following is the MOST effective way to integrate business risk management with IT operations?
During testing, a risk practitioner finds the IT department's recovery time objective (RTO) for a key system does not align with the enterprise's business continuity plan (BCP). Which of the following should be done NEXT?
The BEST key performance indicator (KPI) to measure the effectiveness of a backup process would be the number of:
During an IT risk scenario review session, business executives question why they have been assigned ownership of IT-related risk scenarios. They feel IT risk is technical in nature and therefore should be owned by IT. Which of the following is the BEST way for the risk practitioner to address these concerns?
Which of the following is the BEST course of action when an organization wants to reduce likelihood in order to reduce a risk level?