- Email support@dumps4free.com
Topic 1 : Pool A
The BEST way to justify the risk mitigation actions recommended in a risk assessment would be to:
A.
align with audit results.
B.
benchmark with competitor s actions.
C.
reference best practice.
D.
focus on the business drivers
focus on the business drivers
Which of the following IT controls is MOST useful in mitigating the risk associated with inaccurate data?
A.
Encrypted storage of data
B.
Links to source data
C.
Audit trails for updates and deletions
D.
Check totals on data records and data fields
Audit trails for updates and deletions
A risk practitioner is developing a set of bottom-up IT risk scenarios. The MOST important time to involve business stakeholders is when:
A.
updating the risk register
B.
documenting the risk scenarios.
C.
validating the risk scenarios
D.
identifying risk mitigation controls
validating the risk scenarios
A control for mitigating risk in a key business area cannot be implemented immediately. Which of the following is the risk practitioner's BEST course of action when a compensating control needs to be applied?
A.
Obtain the risk owner's approval.
B.
Record the risk as accepted m the risk register.
C.
Inform senior management.
D.
update the risk response plan
update the risk response plan
Which of the following presents the GREATEST challenge for an IT risk practitioner who wants to report on trends in historical IT risk levels?
A.
Qualitative measures for potential loss events
B.
Changes in owners for identified IT risk scenarios
C.
Changes in methods used to calculate probability
D.
Frequent use of risk acceptance as a treatment option
Qualitative measures for potential loss events
| Page 10 out of 193 Pages |
| Previous |