ExamGecko
Search Search Login
Home Home / Isaca / IT Risk Fundamentals
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is used to estimate the frequency and magnitude of a given risk scenario?
An enterprise has moved its data center from a flood-prone area where it had experienced significant service disruptions to one that is not a flood zone. Which risk response strategy has the organization selected?
Which of the following is the PRIMARY concern with vulnerability assessments?
Which of the following is the MAIN objective of governance?
Which of the following would be considered a cyber-risk?
Which of the following is MOST likely to promote ethical and open communication of risk management activities at the executive level?
For risk reporting to adequately reflect current risk management capabilities, the risk report should be based on the enterprise:
Which of the following is of GREATEST concern when aggregating risk information in management reports?
Which of the following risk analysis methods gathers different types of potential risk ideas to be validated and ranked by an individual or small groups during interviews?
Which of the following statements on an organization's cybersecurity profile is BEST suited for presentation to management?

Question 10 - IT Risk Fundamentals discussion

Report
Export

Which of the following is MOST likely to promote ethical and open communication of risk management activities at the executive level?

A.

Recommending risk tolerance levels to the business

Answers
A.

Recommending risk tolerance levels to the business

B.

Expressing risk results in financial terms

Answers
B.

Expressing risk results in financial terms

C.

Increasing the frequency of risk status reports

Answers
C.

Increasing the frequency of risk status reports

Suggested answer: B

Explanation:

Expressing risk results in financial terms is most likely to promote ethical and open communication of risk management activities at the executive level. This is because financial metrics are universally understood and can clearly illustrate the impact of risks on the organization. By translating risk into financial terms, executives can more easily comprehend the severity and potential consequences of various risks, facilitating informed decision-making and fostering transparency. It also allows for a common language between different departments and stakeholders, enhancing clarity and reducing misunderstandings. This practice is emphasized in frameworks like ISO 31000 and is a key aspect of effective risk communication.

Show Answer
asked 18/11/2024
Sjoerd Kruit
32 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms