ExamGecko
Home / Isaca / CRISC / List of questions
Ask Question

Isaca CRISC Practice Test - Questions Answers, Page 7

Add to Whishlist

List of questions

Question 61

Report Export Collapse

From a business perspective, which of the following is the MOST important objective of a disaster recovery test?

The organization gains assurance it can recover from a disaster
The organization gains assurance it can recover from a disaster
Errors are discovered in the disaster recovery process.
Errors are discovered in the disaster recovery process.
All business critical systems are successfully tested.
All business critical systems are successfully tested.
All critical data is recovered within recovery time objectives (RTOs).
All critical data is recovered within recovery time objectives (RTOs).
Suggested answer: B
asked 18/09/2024
Tunde Ogunkoya
33 questions

Question 62

Report Export Collapse

Which of the following is MOST important to understand when determining an appropriate risk assessment approach?

Complexity of the IT infrastructure
Complexity of the IT infrastructure
Value of information assets
Value of information assets
Management culture
Management culture
Threats and vulnerabilities
Threats and vulnerabilities
Suggested answer: B
asked 18/09/2024
edoardo peraino
29 questions

Question 63

Report Export Collapse

A risk practitioner is organizing a training session lo communicate risk assessment methodologies to ensure a consistent risk view within the organization Which of the following i< the MOST important topic to cover in this training?

Applying risk appetite
Applying risk appetite
Applying risk factors
Applying risk factors
Referencing risk event data
Referencing risk event data
Understanding risk culture
Understanding risk culture
Suggested answer: D
asked 18/09/2024
Aung Zin
49 questions

Question 64

Report Export Collapse

During the risk assessment of an organization that processes credit cards, a number of existing controls have been found to be ineffective and do not meet industry standards. The overall control environment may still be effective if:

compensating controls are in place.
compensating controls are in place.
a control mitigation plan is in place.
a control mitigation plan is in place.
risk management is effective.
risk management is effective.
residual risk is accepted.
residual risk is accepted.
Suggested answer: A
asked 18/09/2024
Fthcx Fgghn
40 questions

Question 65

Report Export Collapse

An organization has procured a managed hosting service and just discovered the location is likely to be flooded every 20 years. Of the following, who should be notified of this new information FIRST.

The risk owner who also owns the business service enabled by this infrastructure
The risk owner who also owns the business service enabled by this infrastructure
The data center manager who is also employed under the managed hosting services contract
The data center manager who is also employed under the managed hosting services contract
The site manager who is required to provide annual risk assessments under the contract
The site manager who is required to provide annual risk assessments under the contract
The chief information officer (CIO) who is responsible for the hosted services
The chief information officer (CIO) who is responsible for the hosted services
Suggested answer: A
asked 18/09/2024
Joseph Daly
47 questions

Question 66

Report Export Collapse

Which of the following is the BEST metric to demonstrate the effectiveness of an organization's change management process?

Increase in the frequency of changes
Increase in the frequency of changes
Percent of unauthorized changes
Percent of unauthorized changes
Increase in the number of emergency changes
Increase in the number of emergency changes
Average time to complete changes
Average time to complete changes
Suggested answer: B
asked 18/09/2024
Patricia Vontitte
43 questions

Question 67

Report Export Collapse

Which of the following IT controls is MOST useful in mitigating the risk associated with inaccurate data?

Encrypted storage of data
Encrypted storage of data
Links to source data
Links to source data
Audit trails for updates and deletions
Audit trails for updates and deletions
Check totals on data records and data fields
Check totals on data records and data fields
Suggested answer: D
asked 18/09/2024
Mark Anthony Acorda
40 questions

Question 68

Report Export Collapse

A risk practitioner is organizing risk awareness training for senior management. Which of the following is the MOST important topic to cover in the training session?

The organization's strategic risk management projects
The organization's strategic risk management projects
Senior management roles and responsibilities
Senior management roles and responsibilities
The organizations risk appetite and tolerance
The organizations risk appetite and tolerance
Senior management allocation of risk management resources
Senior management allocation of risk management resources
Suggested answer: B
asked 18/09/2024
Nidal Allamadani
55 questions

Question 69

Report Export Collapse

An organization wants to assess the maturity of its internal control environment. The FIRST step should be to:

validate control process execution.
validate control process execution.
determine if controls are effective.
determine if controls are effective.
identify key process owners.
identify key process owners.
conduct a baseline assessment.
conduct a baseline assessment.
Suggested answer: C
asked 18/09/2024
Emmanuel Aminu
41 questions

Question 70

Report Export Collapse

An organization has allowed its cyber risk insurance to lapse while seeking a new insurance provider. The risk practitioner should report to management that the risk has been:

transferred
transferred
mitigated.
mitigated.
accepted
accepted
avoided
avoided
Suggested answer: C
asked 18/09/2024
Aidan Lear
57 questions
Total 1.573 questions
Go to page: of 158
Search

Related questions