CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISACA
  5. CRISC

Free CRISC Exam Braindumps (page: 39)

Page 39 of 451
PDF with 1871 Questions

You are completing the qualitative risk analysis process with your project team and are relying on the risk management plan to help you determine the budget, schedule for risk management, and risk categories. You discover that the risk categories have not been created. When the risk categories should have been created?

  1. Define scope process
  2. Risk identification process
  3. Plan risk management process
  4. Create work breakdown structure process

Answer(s): C

Explanation:

The plan risk management process is when risk categories were to be defined. If they were not defined, as in this scenario, it is acceptable to define the categories as part of the qualitative risk analysis process.
Plan risk management is the process of defining the way to conduct the risk management activities. Planning is essential for providing sufficient resources and time for risk management activities, and to establish an agreed- upon basis of evaluating risks. This process should start as soon as project is conceived and should be completed early during project planning.

Incorrect Answers:
A: Risk categories are not defined through the define scope process.

B: Risk categories are not defined through the risk identification process.

D: Risk categories are not defined through the create work breakdown structure process.



You work as a project manager for BlueWell Inc. You have declined a proposed change request because of the risk associated with the proposed change request. Where should the declined change request be documented and stored?

  1. Change request log
  2. Project archives
  3. Lessons learned
  4. Project document updates

Answer(s): A

Explanation:

The change request log records the status of all change requests, approved or declined.
The change request log is used as an account for change requests and as a means of tracking their disposition on a current basis. The change request log develops a measure of consistency into the change management process. It encourages common inputs into the process and is a common estimation approach for all change requests. As the log is an important component of project requirements, it should be readily available to the project team members responsible for project delivery. It should be maintained in a file with read-only access to those who are not responsible for approving or disapproving project change requests.

Incorrect Answers:
B: The project archive includes all project documentation and is created through the close project or phase process. It is not the best choice for this option.

C: Lessons learned are not the correct place to document the status of a declined, or approved, change request.

D: The project document updates is not the best choice for this question. It can be placed into the project documents, but the declined changes are part of the change request log.



Capability maturity models are the models that are used by the enterprise to rate itself in terms of the least mature level to the most mature level. Which of the following capability maturity levels shows that the enterprise does not recognize the need to consider the risk management or the business impact from IT risk?

  1. Level 2
  2. Level 0
  3. Level 3
  4. Level 1

Answer(s): B

Explanation:

0 nonexistent: An enterprise's risk management capability maturity level is 0 when:
The enterprise does not recognize the need to consider the risk management or the business impact from IT risk.
Decisions involving risk lack credible information.
Awareness of external requirements for risk management and integration with enterprise risk management (ERM) do not exists.

Incorrect Answers:
A, C, D: These all are higher levels of capability maturity model and in this enterprise is mature enough to recognize the importance of risk management.



Using which of the following one can produce comprehensive result while performing qualitative risk analysis?

  1. Scenarios with threats and impacts
  2. Cost-benefit analysis
  3. Value of information assets.
  4. Vulnerability assessment

Answer(s): A

Explanation:

Using list of possible scenarios with threats and impacts will better frame the range of risk and hence can frame more informative result of qualitative analysis.

Incorrect Answers:
B: Cost and benefit analysis is used for taking financial decisions that can be formal or informal, such as appraisal of any project or proposal. The approach weighs the total cost against the benefits expected, and then identifies the most profitable option. It only decides what type of control should be applied for effective risk management.

C, D: These are not sufficient for producing detailed result.



Page 39 of 451



Post your Comments and Discuss ISACA CRISC exam with other Community members:

Fei commented on November 26, 2024
Very good resources
UNITED STATES
upvote

Yingying Li commented on December 02, 2023
Very useful practice tests.
Anonymous
upvote

Stephen commented on August 27, 2023
Can you please share CIMAPRA19-FO2-1 Exam dumps please
Anonymous
upvote

Parsad commented on June 04, 2023
Thank you for the buy 1 get 1 free discount. This helped me a lot. I donot have a lot of money.
INDIA
upvote

Petros commented on May 01, 2023
I could not have passed my certification test without the help of this study guide - highly recommend it!
PORTUGAL
upvote

Bobby commented on January 18, 2022
Passed easily.
UNITED STATES
upvote

Santosh commented on January 29, 2020
Passed my exam today with a score of 798. This is good material.
INDIA
upvote

Arron commented on January 26, 2020
This saved me so much time. The questions and answers are adequate and close to real exam. I like the PDF and its format. Just put it on my iPad and studied while traveling to work. This was my first time using this site and I am pretty happy about their service and price.
GERMANY
upvote

Suresh commented on April 17, 2019
This download is a waste of time . I downloaded the windows app and installed and it is asking to load the test. No documentation provided on how to use the desk top tool. Unable to install on my MAC not Iphone compatible. RE- Admin: Suresh, our website clearly says that the Test Engine software is for Windows only. We have not advertised anywhere in our website saying the Test Engine Software is for MAC as well.
UNITED STATES
upvote