CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISACA
  5. CRISC

Free CRISC Exam Braindumps (page: 77)

Page 76 of 451
PDF with 1871 Questions

Which of the following assets are the examples of intangible assets of an enterprise? Each correct answer represents a complete solution. Choose two.

  1. Customer trust
  2. Information
  3. People
  4. Infrastructure

Answer(s): A,B

Explanation:

Assets are the economic resources owned by business or company. Anything tangible or intangible that one possesses, usually considered as applicable to the payment of one's debts, is considered an asset. An asset can also be defined as a resource, process, product, computing infrastructure, and so forth that an organization has determined must be protected.

Tangible asset: Tangible are those assets that has physical attributes and can be detected with the senses, e.g., people, infrastructure, and finances.

Intangible asset: Intangible are those assets that has no physical attributes and cannot be detected with the senses, e.g., information, reputation and customer trust.



You are the project manager of the GHY project for your company. This project has a budget of $543,000 and is expected to last 18 months. In this project, you have identified several risk events and created risk response plans. In what project management process group will you implement risk response plans?

  1. Monitoring and Controlling
  2. In any process group where the risk event resides
  3. Planning
  4. Executing

Answer(s): A

Explanation:

The monitor and control project risk process resides in the monitoring and controlling project management process group. This process is responsible for implementing risk response plans, tracking identified risks, monitoring residual risks, identifying new risks, and evaluating risk process effectiveness through the project.

Incorrect Answers:
B: Risk response plans are implemented as part of the monitoring and controlling process group. C: Risk response plans are not implemented as part of project planning.
D: Risk response plans are not implemented as part of project execution.



During which of the following processes, probability and impact matrix are prepared?

  1. Risk response
  2. Monitoring and Control Risk
  3. Quantitative risk assessment
  4. Qualitative risk assessment

Answer(s): D

Explanation:

The probability and impact matrix is a technique to prioritize identified risks of the project on their risk rating, and are being prepared while performing qualitative risk analysis. Evaluation of each risk's importance and, hence, priority for attention, is typically conducted using a look-up table or a probability and impact matrix. This matrix specifies combinations of probability and impact that lead to rating the risks as low, moderate, or high priority.

Incorrect Answers:
A, B: These processes are part of Risk Management. The probability and impact matrix is prepared during the qualitative risk analysis for further quantitative analysis and response based on their risk rating.
C: SLE, ARO and ALE are used in quantitative risk assessment.



You are the project manager of GRT project. You discovered that by bringing on more qualified resources or by providing even better quality than originally planned, could result in reducing the amount of time required to complete the project. If your organization seizes this opportunity, it would be an example of what risk response?

  1. Enhance
  2. Exploit
  3. Accept
  4. Share

Answer(s): B

Explanation:

Exploit response is one of the strategies to negate risks or threats that appear in a project. This strategy may be selected for risks with positive impacts where the organization wishes to ensure that the opportunity is realized. Exploiting a risk event provides opportunities for positive impact on a project. Assigning more talented resources to the project to reduce the time to completion is an example of exploit response.

Incorrect Answers:
A: The enhance strategy closely watches the probability or impact of the risk event to assure that the organization realizes the benefits. The primary point of this strategy is to attempt to increase the probability and/ or impact of positive

C: Risk acceptance means that no action is taken relative to a particular risk; loss is accepted if it occurs.

D: The share strategy is similar as transfer because in this a portion of the risk is shared with an external organization or another internal entity.






Post your Comments and Discuss ISACA CRISC exam with other Community members:

CRISC Discussions & Posts