ExamGecko
Login
Home / Isaca / CRISC / List of questions
Ask Question

Isaca CRISC Practice Test - Questions Answers, Page 60

Add to Whishlist

List of questions

Question 591

Report Export Collapse

Which of the following data would be used when performing a business impact analysis (BIA)?

Become a Premium Member for full access
  Unlock Premium Member

Question 592

Report Export Collapse

Prudent business practice requires that risk appetite not exceed:

Become a Premium Member for full access
  Unlock Premium Member

Question 593

Report Export Collapse

Which of the following MUST be updated to maintain an IT risk register?

Become a Premium Member for full access
  Unlock Premium Member

Question 594

Report Export Collapse

Which of the following is the GREATEST benefit when enterprise risk management (ERM) provides oversight of IT risk management?

Become a Premium Member for full access
  Unlock Premium Member

Question 595

Report Export Collapse

An organization automatically approves exceptions to security policies on a recurring basis. This practice is MOST likely the result of:

Become a Premium Member for full access
  Unlock Premium Member

Question 596

Report Export Collapse

Which of the following is the BEST reason to use qualitative measures to express residual risk levels related to emerging threats?

Become a Premium Member for full access
  Unlock Premium Member

Question 597

Report Export Collapse

Which of the following is the BEST indicator of the effectiveness of IT risk management processes?

Become a Premium Member for full access
  Unlock Premium Member

Question 598

Report Export Collapse

A highly regulated organization acquired a medical technology startup company that processes sensitive personal information with weak data protection controls. Which of the following is the BEST way for the acquiring company to reduce its risk while still enabling the flexibility needed by the startup company?

Become a Premium Member for full access
  Unlock Premium Member

Question 599

Report Export Collapse

Which of the following is the BEST indication of a mature organizational risk culture?

Become a Premium Member for full access
  Unlock Premium Member

Question 600

Report Export Collapse

Which of the following should be the MOST important consideration for senior management when developing a risk response strategy?

Become a Premium Member for full access
  Unlock Premium Member
Total 1.573 questions
Go to page: of 158
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is MOST important to determine when assessing the potential risk exposure of a loss event involving personal data?
Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
When reviewing management's IT control self-assessments, a risk practitioner noted an ineffective control that links to several low residual risk scenarios. What should be the NEXT course of action?
An effective control environment is BEST indicated by controls that:
A global organization is considering the acquisition of a competitor. Senior management has requested a review of the overall risk profile from the targeted organization. Which of the following components of this review would provide the MOST useful information?
Which of the following is the MOST effective way to integrate business risk management with IT operations?
During testing, a risk practitioner finds the IT department's recovery time objective (RTO) for a key system does not align with the enterprise's business continuity plan (BCP). Which of the following should be done NEXT?
The BEST key performance indicator (KPI) to measure the effectiveness of a backup process would be the number of:
During an IT risk scenario review session, business executives question why they have been assigned ownership of IT-related risk scenarios. They feel IT risk is technical in nature and therefore should be owned by IT. Which of the following is the BEST way for the risk practitioner to address these concerns?
Which of the following is the BEST course of action when an organization wants to reduce likelihood in order to reduce a risk level?