CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISACA
  5. CRISC

Free CRISC Exam Braindumps (page: 24)

Page 23 of 451
PDF with 1871 Questions

The only output of qualitative risk analysis is risk register updates. When the project manager updates the risk register he will need to include several pieces of information including all of the following except for which one?

  1. Trends in qualitative risk analysis
  2. Risk probability-impact matrix
  3. Risks grouped by categories
  4. Watchlist of low-priority risks

Answer(s): B

Explanation:

The risk matrix is not included as part of the risk register updates. There are seven things that can be updated in the risk register as a result of qualitative risk analysis: relating ranking of project risks, risks grouped by categories, causes of risks, list of near-term risks, risks requiring additional analysis, watchlist of low-priority risks, trends in qualitative risk analysis.

Incorrect Answers:
A: Trends in qualitative risk analysis are part of the risk register updates. C: Risks grouped by categories are part of the risk register updates.
D: Watchlist of low-priority risks is part of the risk register updates.



Which of the following risks is the risk that happen with an important business partner and affects a large group of enterprises within an area or industry?

  1. Contagious risk
  2. Reporting risk
  3. Operational risk
  4. Systemic risk

Answer(s): D

Explanation:

Systemic risks are those risks that happen with an important business partner and affect a large group of enterprises within an area or industry. An example would be a nationwide air traffic control system that goes down for an extended period of time (six hours), which affects air traffic on a very large scale.

Incorrect Answers:
A: Contagious risks are those risk events that happen with several of the enterprise's business partners within a very short time frame.

B, C: Their scopes do not limit to the important or general enterprise's business partners. These risks can occur with both.

Operational risks are those risks that are associated with the day-to-day operations of the enterprise. It is the risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events.

Reporting risks are caused due to wrong reporting which leads to bad decision. This bad decision due to wrong report hence causes a risk on the functionality of the organization.



You have been assigned as the Project Manager for a new project that involves development of a new interface for your existing time management system. You have completed identifying all possible risks along with the stakeholders and team and have calculated the probability and impact of these risks. Which of the following would you need next to help you prioritize the risks?

  1. Affinity Diagram
  2. Risk rating rules
  3. Project Network Diagram
  4. Risk categories

Answer(s): B

Explanation:

Risk rating rules define how to prioritize risks after the related probability and impact values are calculated. These are generally included in the organizational process assets and are refined for individual projects.

Incorrect Answers:
A: Affinity Diagram is a method of group creativity technique to collect requirements which allows large numbers of ideas to be sorted into groups for review and analysis. This is generally used in Scope Management and not applicable to this option.

C: A Project Network diagram shows the sequencing and linkage between various project tasks and is not applicable to this question

D: Risk categories are an output of the Perform Qualitative Risk Analysis process and not a tool to complete the process.



You are the project manager of a large networking project. During the execution phase the customer requests for a change in the existing project plan. What will be your immediate action?

  1. Update the risk register.
  2. Ask for a formal change request.
  3. Ignore the request as the project is in the execution phase.
  4. Refuse the change request.

Answer(s): B

Explanation:

Whenever the customer or key stakeholder asks for a change in the existing plan, you should ask him/her to submit a formal change request. Change requests may modify project policies or procedures, project scope, project cost or budget, project schedule, or project quality.

Incorrect Answers:
A, C, D: The first action required is to create a formal change request, if a change is requested in the project.






Post your Comments and Discuss ISACA CRISC exam with other Community members:

CRISC Discussions & Posts