ISACA-Certified in Risk and Information Systems Control Set 11

1.

Which of the following would be the BEST key performance indicator (KPI) for monitoring the effectiveness of the IT asset management process?

Percentage of unpatched IT assets The number of IT assets procured during the previous month The number of IT assets securely disposed during the past year Percentage of IT assets without ownership

2.

Which of the following is the MOST important foundational element of an effective three lines of defense model for an organization?

A well-established risk management committee A robust risk aggregation tool set Well-documented and communicated escalation procedures Clearly defined roles and responsibilities

3.

Which of the following is MOST critical to the design of relevant risk scenarios?

The scenarios are linked to probable organizational situations. The scenarios are based on past incidents. The scenarios are aligned with risk management capabilities. The scenarios are mapped to incident management capabilities.

4.

An IT risk practitioner has determined that mitigation activities differ from an approved risk action plan. Which of the following is the risk practitioner's BEST course of action?

Revert the implemented mitigation measures until approval is obtained. Validate the adequacy of the implemented risk mitigation measures. Report the observation to the chief risk officer (CRO). Update the risk register with the implemented risk mitigation actions.

5.

Which of the following is the BEST course of action when risk is found to be above the acceptable risk appetite?

Execute the risk response plan. Analyze the effectiveness of controls. Maintain the current controls. Review risk tolerance levels.

6.

The MAIN reason for creating and maintaining a risk register is to:

account for identified key risk factors. ensure assets have low residual risk. define the risk assessment methodology. assess effectiveness of different projects.

7.

A risk practitioner's PRIMARY focus when validating a risk response action plan should be that risk response:

advances business objectives. quantifies risk impact. reduces risk to an acceptable level. aligns with business strategy.

8.

Which of the following is MOST critical when designing controls?

Involvement of process owner Involvement of internal audit Identification of key risk indicators Quantitative impact of the risk

9.

Which of the following BEST enables a risk practitioner to enhance understanding of risk among stakeholders?

Threat analysis Key risk indicators Risk scenarios Business impact analysis

10.

Which of the following would BEST provide early warning of a high-risk condition?

Risk assessment Key risk indicator (KRI) Risk register Key performance indicator (KPI)

ISACA-Certified in Risk and Information Systems Control Set 11

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Congratulations

COMPANY

Products

OTHERS

Partner

ISACA-Certified in Risk and Information Systems Control Set 11

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Congratulations

Detail Form

COMPANY

Products

OTHERS

Partner