CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISACA
  5. CRISC

Free CRISC Exam Braindumps (page: 82)

Page 82 of 451
PDF with 1871 Questions

Which of the following come under the phases of risk identification and evaluation? Each correct answer represents a complete solution. Choose three.

  1. Maintain a risk profile
  2. Collecting data
  3. Analyzing risk
  4. Applying controls

Answer(s): A,B,C

Explanation:

Risk identification is the process of determining which risks may affect the project. It also documents risks' characteristics.

Following are high-level phases that are involved in risk identification and evaluation:
Collecting data- Involves collecting data on the business environment, types of events, risk categories, risk scenarios, etc., to identify relevant data to enable effective risk identification, analysis and reporting.
Analyzing risk- Involves analyzing risk to develop useful information which is used while taking risk- decisions. Risk-decisions take into account the business relevance of risk factors.
Maintain a risk profile- Requires maintaining an up-to-date and complete inventory of known threats and their attributes (e.g., expected likelihood, potential impact, and disposition), IT resources, capabilities, and controls as understood in the context of business products, services and processes to effectively monitor risk over time.

Incorrect Answers:
D: It comes under risk management process, and not in risk identification and evaluation process.



How are the potential choices of risk based decisions are represented in decision tree analysis?

  1. End node
  2. Root node
  3. Event node
  4. Decision node

Answer(s): D

Explanation:

The potential choices of risk based decisions are represented in decision tree analysis via. Decision node, as decision nodes refers to the available choices.

Incorrect Answers:
A: End nodes are the final outcomes of the entire decision tree framework, especially in multilayered decision- making situations.

B: Root nodes represent the start of a decision tree.

C: Event nodes represents the possible uncertain outcomes of the decision, and not the available choices.



You are the project manager of the HJK Project for your organization. You and the project team have created risk responses for many of the risk events in the project. Where should you document the proposed responses and the current status of all identified risks?

  1. Stakeholder management strategy
  2. Lessons learned documentation
  3. Risk register
  4. Risk management plan

Answer(s): C

Explanation:

Risks and the corresponding responses are documented in the risk register for the project. Risk register is a document that contains the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning. Description, category, cause, probability of occurring, impact on objectives, proposed responses, owner, and the current status of all identified risks are put in the risk register.

Incorrect Answers:
A: The stakeholder management strategy defines how stakeholders and their threats, perceived threats, opinions, and influence over the project objectives will be addressed and managed.

B: The outcome of risk events and the corresponding risk responses may be documented in the project's lessons learned documented, but the best answer is to document the risk responses as part of the risk register.

D: The risk management plan defines how risks will be identified and analyzed, the available responses, and the monitoring and controlling of the risk events. The actual risk responses are included in the risk register.



Which is the MOST important parameter while selecting appropriate risk response?

  1. Cost of response
  2. Capability to implement response
  3. Importance of risk
  4. Efficiency of response

Answer(s): A

Explanation:

The cost of the response, which is applied so as to reduce risk within tolerance levels, is one of the most important parameter. By considering the cost of response, it is decided whether or not benefits of applying response is greater than accepting the risk; and according to this analysis it is decided whether the certain response should be applied or not. For example, if risk transfer response is applied by using insurance, then cost would be the cost of insurance.

Incorrect Answers:
B: This parameter is considered after analyzing the cost of response, which will further decide the level of sophistication of risk response. The enterprise's capability to implement the response means that if the risk management process is mature then the risk response is more

C: This is one of the parameters that is considered but is not as important as considering cost of response. The importance of the risk is determined by the combination of likelihood and magnitude levels along with its position on the risk map.

D: Efficiency of response can only be analyzed after applying the response. So it is the latter stage in selection of response.



Page 82 of 451



Post your Comments and Discuss ISACA CRISC exam with other Community members:

Fei commented on November 26, 2024
Very good resources
UNITED STATES
upvote

Yingying Li commented on December 02, 2023
Very useful practice tests.
Anonymous
upvote

Stephen commented on August 27, 2023
Can you please share CIMAPRA19-FO2-1 Exam dumps please
Anonymous
upvote

Parsad commented on June 04, 2023
Thank you for the buy 1 get 1 free discount. This helped me a lot. I donot have a lot of money.
INDIA
upvote

Petros commented on May 01, 2023
I could not have passed my certification test without the help of this study guide - highly recommend it!
PORTUGAL
upvote

Bobby commented on January 18, 2022
Passed easily.
UNITED STATES
upvote

Santosh commented on January 29, 2020
Passed my exam today with a score of 798. This is good material.
INDIA
upvote

Arron commented on January 26, 2020
This saved me so much time. The questions and answers are adequate and close to real exam. I like the PDF and its format. Just put it on my iPad and studied while traveling to work. This was my first time using this site and I am pretty happy about their service and price.
GERMANY
upvote

Suresh commented on April 17, 2019
This download is a waste of time . I downloaded the windows app and installed and it is asking to load the test. No documentation provided on how to use the desk top tool. Unable to install on my MAC not Iphone compatible. RE- Admin: Suresh, our website clearly says that the Test Engine software is for Windows only. We have not advertised anywhere in our website saying the Test Engine Software is for MAC as well.
UNITED STATES
upvote