ExamGecko
Login
Home / Isaca / CRISC / List of questions
Ask Question

Isaca CRISC Practice Test - Questions Answers, Page 54

Add to Whishlist

List of questions

Question 531

Report Export Collapse

What should a risk practitioner do FIRST when vulnerability assessment results identify a weakness in an application?

Become a Premium Member for full access
  Unlock Premium Member

Question 532

Report Export Collapse

A risk practitioner notices a trend of noncompliance with an IT-related control. Which of the following would BEST assist in making a recommendation to management?

Become a Premium Member for full access
  Unlock Premium Member

Question 533

Report Export Collapse

Within the three lines of defense model, the accountability for the system of internal control resides with:

Become a Premium Member for full access
  Unlock Premium Member

Question 534

Report Export Collapse

Which of the following should be the PRIMARY recipient of reports showing the progress of a current IT risk mitigation project?

Become a Premium Member for full access
  Unlock Premium Member

Question 535

Report Export Collapse

Which of these documents is MOST important to request from a cloud service provider during a vendor risk assessment?

Become a Premium Member for full access
  Unlock Premium Member

Question 536

Report Export Collapse

Which type of cloud computing deployment provides the consumer the GREATEST degree of control over the environment?

Become a Premium Member for full access
  Unlock Premium Member

Question 537

Report Export Collapse

An organization is considering adopting artificial intelligence (AI). Which of the following is the risk practitioner's MOST important course of action?

Become a Premium Member for full access
  Unlock Premium Member

Question 538

Report Export Collapse

Mitigating technology risk to acceptable levels should be based PRIMARILY upon:

Become a Premium Member for full access
  Unlock Premium Member

Question 539

Report Export Collapse

An organization is preparing to transfer a large number of customer service representatives to the sales department. Of the following, who is responsible for mitigating the risk associated with residual system access?

Become a Premium Member for full access
  Unlock Premium Member

Question 540

Report Export Collapse

A change management process has recently been updated with new testing procedures. What is the NEXT course of action?

Become a Premium Member for full access
  Unlock Premium Member
Total 1.573 questions
Go to page: of 158
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is MOST important to determine when assessing the potential risk exposure of a loss event involving personal data?
Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
When reviewing management's IT control self-assessments, a risk practitioner noted an ineffective control that links to several low residual risk scenarios. What should be the NEXT course of action?
An effective control environment is BEST indicated by controls that:
A global organization is considering the acquisition of a competitor. Senior management has requested a review of the overall risk profile from the targeted organization. Which of the following components of this review would provide the MOST useful information?
Which of the following is the MOST effective way to integrate business risk management with IT operations?
During testing, a risk practitioner finds the IT department's recovery time objective (RTO) for a key system does not align with the enterprise's business continuity plan (BCP). Which of the following should be done NEXT?
The BEST key performance indicator (KPI) to measure the effectiveness of a backup process would be the number of:
During an IT risk scenario review session, business executives question why they have been assigned ownership of IT-related risk scenarios. They feel IT risk is technical in nature and therefore should be owned by IT. Which of the following is the BEST way for the risk practitioner to address these concerns?
Which of the following is the BEST course of action when an organization wants to reduce likelihood in order to reduce a risk level?