ExamGecko

Isaca IT Risk Fundamentals Practice Test 2


Question 1 / 35

When analyzing I&T-related risk, an enterprise defines likelihood and impact on a scale from 1 to 5, and the scale of impact also defines a range expressed in monetary terms. Which of the following risk analysis approaches has been adopted?

A. Qualitative approach

B. Quantitative approach

C. Hybrid approach

Suggested answer: C
Explanation:

When an enterprise defines likelihood and impact on a scale from 1 to 5, and the scale of impact also defines a range expressed in monetary terms, a hybrid approach has been adopted. Here's why:

Qualitative Approach: This approach uses descriptive scales and subjective assessments to evaluate risk likelihood and impact. It does not typically involve monetary terms.

Quantitative Approach: This method uses numerical values and statistical models to measure risk, often involving monetary terms and precise calculations.

Hybrid Approach: This combines elements of both qualitative and quantitative approaches. By defining likelihood on a scale (qualitative) and expressing impact in monetary terms (quantitative), the enterprise is using a hybrid approach. This allows for a comprehensive assessment that leverages the strengths of both methods.

Therefore, the described method represents a hybrid approach to risk analysis.

ISA 315 Anlage 5 and 6: Detailed guidelines on risk assessment and analysis methodologies.

ISO-27001 and GoBD standards for risk management and business impact analysis.

These references provide a comprehensive understanding of the principles and methodologies involved in IT risk and audit processes.

asked 18/11/2024
Lucile Jeanneret
44 questions

