CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISACA
  5. CRISC

Free CRISC Exam Braindumps (page: 31)

Page 30 of 451
PDF with 1871 Questions

Jeff works as a Project Manager for www.company.com Inc. He and his team members are involved in the identify risk process. Which of the following tools & techniques will Jeff use in the identify risk process?
Each correct answer represents a complete solution. (Choose three.)

  1. Information gathering technique
  2. Documentation reviews
  3. Checklist analysis
  4. Risk categorization

Answer(s): A,B,C

Explanation:

The various tools & techniques used in the identify risk process are as follows: Documentation reviews
Information gathering technique Checklist analysis
Assumption analysis Diagramming techniques SWOT analysis
Expert judgment



Mary is the project manager for the BLB project. She has instructed the project team to assemble, to review the risks. She has included the schedule management plan as an input for the quantitative risk analysis process. Why is the schedule management plan needed for quantitative risk analysis?

  1. Mary will schedule when the identified risks are likely to happen and affect the project schedule.
  2. Mary will utilize the schedule controls and the nature of the schedule for the quantitative analysis of the schedule.
  3. Mary will use the schedule management plan to schedule the risk identification meetings throughout the remaining project.
  4. Mary will utilize the schedule controls to determine how risks may be allowed to change the project schedule.

Answer(s): B

Explanation:

The controls within the schedule management plan can shape how quantitative risk analysis will be performed on the schedule.
Schedule management plan also describes how the schedule contingencies will be reported and assessed. Incorrect Answers:
A: When risks are likely to happen is important, but it is not the best answer for this question

C: This is not a valid answer for this question throughout the project, but it is not scheduled during the quantitative risk analysis process.

D: Risks may affect the project schedule, but this is not the best answer for the question.



Which of the following control detects problem before it can occur?

  1. Deterrent control
  2. Detective control
  3. Compensation control
  4. Preventative control

Answer(s): D

Explanation:

Preventative controls are the controls that detect the problem before it occurs. They attempt to predict potential problems and make adjustments to prevent those problems to occur in near future. This prediction is being made by monitoring both the system's operations and its inputs.

Incorrect Answers:
A: Deterrent controls are similar to the preventative controls, but they diminish or reverse the attraction of the environment to prevent risk from occurring instead of making adjustments to the environment.

B: Detective controls simply detect and report on the occurrence of a problems. They identify specific symptoms to potential problems.

C: Compensation controls ensure that normal business operations continue by applying appropriate resource.



Which of the following aspects are included in the Internal Environment Framework of COSO ERM? Each correct answer represents a complete solution. Choose three.

  1. Enterprise's integrity and ethical values
  2. Enterprise's working environment
  3. Enterprise's human resource standards
  4. Enterprise's risk appetite

Answer(s): A,C,D

Explanation:

The internal environment for risk management is the foundational level of the COSO ERM framework, which describes the philosophical basics of managing risks within the implementing enterprise. The different aspects of the internal environment include the enterprise's:
Philosophy on risk management Risk appetite
Attitudes of Board of Directors Integrity and ethical values Commitment to competence Organizational structure Authority and responsibility Human resource standards






Post your Comments and Discuss ISACA CRISC exam with other Community members:

CRISC Discussions & Posts