Topic 1 : Pool A
Which of the following is the MOST important outcome of reviewing the risk management process?
A. Assuring the risk profile supports the IT objectives
B. Improving the competencies of employees who performed the review
C. Determining what changes should be made to IS policies to reduce risk
D. Determining that procedures used in risk assessment are appropriate
Assuring the risk profile supports the IT objectives
Who is BEST suited to determine whether a new control properly mitigates data loss risk within a system?
A. Data owner
B. Control owner
C. Risk owner
D. System owner
Control owner
Which of the following would be the BEST recommendation if the level of risk in the IT risk profile has decreased and is now below management's risk appetite?
A. Optimize the control environment.
B. Realign risk appetite to the current risk level.
C. Decrease the number of related risk scenarios.
D. Reduce the risk management budget.
Optimize the control environment.
Which of the following would BEST help an enterprise prioritize risk scenarios?
A. Industry best practices
B. Placement on the risk map
C. Degree of variances in the risk
D. Cost of risk mitigation
Placement on the risk map
The PRIMARY reason a risk practitioner would be interested in an internal audit report is to:
A. plan awareness programs for business managers.
B. evaluate maturity of the risk management process.
C. assist in the development of a risk profile.
D. maintain a risk register based on noncompliances.
assist in the development of a risk profile.