ISACA-Certified in Risk and Information Systems Control Set 5

Wendy has identified a risk event in her project that has an impact of $75,000 and a 60 percent chance of happening. Through research, her project team learns that the risk impact can actually be reduced to just $15,000 with only a ten percent chance of occurring. The proposed solution will cost $25,000. Wendy agrees to the $25,000 solution. What type of risk response is this?

Which of the following is the MOST critical security consideration when an enterprise outsource is major part of IT department to a third party whose servers are in foreign company?

You and your project team have identified a few risk events in the project and recorded the events in the risk register. Part of the recording of the events includes the identification of a risk owner. Who is a risk owner?

Suppose you are working in Company Inc. and you are using risk scenarios for estimating the likelihood and impact of the significant risks on this organization. Which of the following assessment are you doing?

Which of the following is BEST described by the definition below? "They are heavy influencers of the likelihood and impact of risk scenarios and should be taken into account during every risk analysis, when likelihood and impact are assessed."

Which of the following control is used to ensure that users have the rights and permissions they need to perform their jobs, and no more?

Which of the following components ensures that risks are examined for all new proposed change requests in the change control system?

Which of the following statements BEST describes policy?

885CB989129A5F974833949052CFB2F2 You are the project manager of GHT project. You have analyzed the risk and applied appropriate controls. In turn, you got residual risk as a result of this. Residual risk can be used to determine which of the following?

When it appears that a project risk is going to happen, what is this term called?