CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISACA
  5. CRISC

Free CRISC Exam Braindumps (page: 19)

Page 19 of 451
PDF with 1871 Questions

Which of the following risks refer to probability that an actual return on an investment will be lower than the investor's expectations?

  1. Integrity risk
  2. Project ownership risk
  3. Relevance risk
  4. Expense risk

Answer(s): D

Explanation:

Probability that an actual return on an investment will be lower than the investor's expectations is termed as investment risk or expense risk. All investments have some level of risk associated with it due to the unpredictability of the market's direction. This includes consideration of the overall IT investment portfolio.

Incorrect Answers:
A: The risk that data cannot be relied on because they are unauthorized, incomplete or inaccurate is termed as integrity risks.

B: The risk of IT projects failing to meet objectives due to lack of accountability and commitment is referring to as project risk ownership.

C: The risk associated with not receiving the right information to the right people (or process or systems) at the right time to allow the right action to be taken is termed as relevance risk.



What are the PRIMARY requirements for developing risk scenarios? Each correct answer represents a part of the solution. Choose two.

  1. Potential threats and vulnerabilities that could lead to loss events
  2. Determination of the value of an asset at risk
  3. Determination of actors that has potential to generate risk
  4. Determination of threat type

Answer(s): A,B

Explanation:

Creating a scenario requires determination of the value of an asset or a business process at risk and the potential threats and vulnerabilities that could cause loss. The risk scenario should be assessed for relevance and realism, and then entered into the risk register if found to be relevant.

In practice following steps are involved in risk scenario development: First determine manageable set of scenarios, which include:
Frequently occurring scenarios in the industry or product area.
Scenarios representing threat sources that are increasing in count or severity level. Scenarios involving legal and regulatory requirements applicable to the business.
After determining manageable risk scenarios, perform a validation against the business objectives of the entity.
Based on this validation, refine the selected scenarios and then detail them to a level in line with the criticality of the entity.
Lower down the number of scenarios to a manageable set. Manageable does not signify a fixed number, but should be in line with the overall importance and criticality of the unit.
Risk factors kept in a register so that they can be reevaluated in the next iteration and included for detailed analysis if they have become relevant at that time.
Risk factors kept in a register so that they can be reevaluated in the next iteration and included for detailed analysis if they have become relevant at that time.
Include an unspecified event in the scenarios, that is, address an incident not covered by other scenarios.

Incorrect Answers:
C, D: Determination of actors and threat type are not the primary requirements for developing risk scenarios, but are the components that are determined during risk scenario development.



What are the responsibilities of the CRO?
Each correct answer represents a complete solution. Choose three.

  1. Managing the risk assessment process
  2. Implement corrective actions
  3. Advising Board of Directors
  4. Managing the supporting risk management function

Answer(s): A,C,D



You are working with a vendor on your project. A stakeholder has requested a change for the project, which will add value to the project deliverables. The vendor that you're working with on the project will be affected by the change. What system can help you introduce and execute the stakeholder change request with the vendor?

  1. Contract change control system
  2. Scope change control system
  3. Cost change control system
  4. Schedule change control system

Answer(s): A

Explanation:

The contract change control system is part of the project's change control system. It addresses changes with the vendor that may affect the project contract. Change control system, a part of the configuration management system, is a collection of formal documented procedures that define how project deliverables and documentation will be controlled, changed, and approved.

Incorrect Answers:
B: The scope may change because of the stakeholder change request. Vendor’s relationship to the project, hence this choice is not the best answer.

C: The cost change control system manages changes to costs in the project. D: There is no indication that the change could affect the project schedule.



Page 19 of 451



Post your Comments and Discuss ISACA CRISC exam with other Community members:

Fei commented on November 26, 2024
Very good resources
UNITED STATES
upvote

Yingying Li commented on December 02, 2023
Very useful practice tests.
Anonymous
upvote

Stephen commented on August 27, 2023
Can you please share CIMAPRA19-FO2-1 Exam dumps please
Anonymous
upvote

Parsad commented on June 04, 2023
Thank you for the buy 1 get 1 free discount. This helped me a lot. I donot have a lot of money.
INDIA
upvote

Petros commented on May 01, 2023
I could not have passed my certification test without the help of this study guide - highly recommend it!
PORTUGAL
upvote

Bobby commented on January 18, 2022
Passed easily.
UNITED STATES
upvote

Santosh commented on January 29, 2020
Passed my exam today with a score of 798. This is good material.
INDIA
upvote

Arron commented on January 26, 2020
This saved me so much time. The questions and answers are adequate and close to real exam. I like the PDF and its format. Just put it on my iPad and studied while traveling to work. This was my first time using this site and I am pretty happy about their service and price.
GERMANY
upvote

Suresh commented on April 17, 2019
This download is a waste of time . I downloaded the windows app and installed and it is asking to load the test. No documentation provided on how to use the desk top tool. Unable to install on my MAC not Iphone compatible. RE- Admin: Suresh, our website clearly says that the Test Engine software is for Windows only. We have not advertised anywhere in our website saying the Test Engine Software is for MAC as well.
UNITED STATES
upvote