CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISACA
  5. CRISC

Free CRISC Exam Braindumps (page: 88)

Page 88 of 451
PDF with 1871 Questions

You are working in Bluewell Inc. which make advertisement Websites. Someone had made unauthorized changes to your Website. Which of the following terms refers to this type of loss?

  1. Loss of confidentiality
  2. Loss of integrity
  3. Loss of availability
  4. Loss of revenue

Answer(s): B

Explanation:

Loss of integrity refers to the following types of losses: An e-mail message is modified in transit
A virus infects a file
Someone makes unauthorized changes to a Web site

Incorrect Answers:
A: Someone sees a password or a company's secret formula, this is referred to as loss of confidentiality.

C: An e-mail server is down and no one has e-mail access, or a file server is down so data files aren't available comes under loss of availability.

D: This refers to the events which would eventually cause loss of revenue.



Which of the following is NOT true for Key Risk Indicators?

  1. They are selected as the prime monitoring indicators for the enterprise
  2. They help avoid having to manage and report on an excessively large number of risk indicators
  3. The complete set of KRIs should also balance indicators for risk, root causes and business impact.
  4. They are monitored annually

Answer(s): D

Explanation:

They are monitored on regular basis as they indicate high probability and high impact risks. As risks change over time, hence KRIs should also be monitored regularly for its effectiveness on these changing risks.

Incorrect Answers:
A, B, C: These all are true for KRIs. Key Risk Indicators are the prime monitoring indicators of the enterprise. KRIs are highly relevant and possess a high probability of predicting or indicating important risk. KRIs help in avoiding excessively large number of risk indicators to manage and report that a large enterprise may have.

The complete set of KRIs should also balance indicators for risk, root causes and business impact, so as to indicate the risk and its impact completely.



Which of the following is the BEST way to determine the ongoing efficiency of control processes?

  1. Interview process owners
  2. Review the risk register
  3. Perform annual risk assessments
  4. Analyze key performance indicators (KPIs)

Answer(s): D



You are the project manager of the GHT project. You are accessing data for further analysis. You have chosen such a data extraction method in which management monitors its own controls. Which of the following data extraction methods you are using here?

  1. Extracting data directly from the source systems after system owner approval
  2. Extracting data from the system custodian (IT) after system owner approval
  3. Extracting data from risk register
  4. Extracting data from lesson learned register

Answer(s): A

Explanation:

Direct extraction from the source system involves management monitoring its own controls, instead of auditors/ third parties monitoring management's controls. It is preferable over extraction from the system custodian.

Incorrect Answers:
B: Extracting data from the system custodian (IT) after system owner approval, involves auditors or third parties monitoring management's controls. Here, in this management does not monitors its own control.

C, D: These are not data extraction methods.



Page 88 of 451



Post your Comments and Discuss ISACA CRISC exam with other Community members:

Fei commented on November 26, 2024
Very good resources
UNITED STATES
upvote

Yingying Li commented on December 02, 2023
Very useful practice tests.
Anonymous
upvote

Stephen commented on August 27, 2023
Can you please share CIMAPRA19-FO2-1 Exam dumps please
Anonymous
upvote

Parsad commented on June 04, 2023
Thank you for the buy 1 get 1 free discount. This helped me a lot. I donot have a lot of money.
INDIA
upvote

Petros commented on May 01, 2023
I could not have passed my certification test without the help of this study guide - highly recommend it!
PORTUGAL
upvote

Bobby commented on January 18, 2022
Passed easily.
UNITED STATES
upvote

Santosh commented on January 29, 2020
Passed my exam today with a score of 798. This is good material.
INDIA
upvote

Arron commented on January 26, 2020
This saved me so much time. The questions and answers are adequate and close to real exam. I like the PDF and its format. Just put it on my iPad and studied while traveling to work. This was my first time using this site and I am pretty happy about their service and price.
GERMANY
upvote

Suresh commented on April 17, 2019
This download is a waste of time . I downloaded the windows app and installed and it is asking to load the test. No documentation provided on how to use the desk top tool. Unable to install on my MAC not Iphone compatible. RE- Admin: Suresh, our website clearly says that the Test Engine software is for Windows only. We have not advertised anywhere in our website saying the Test Engine Software is for MAC as well.
UNITED STATES
upvote