CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISACA
  5. CRISC

Free CRISC Exam Braindumps (page: 53)

Page 52 of 451
PDF with 1871 Questions

You work as a project manager for BlueWell Inc. You are about to complete the quantitative risk analysis process for your project. You can use three available tools and techniques to complete this process. Which one of the following is NOT a tool or technique that is appropriate for the quantitative risk analysis process?

  1. Data gathering and representation techniques
  2. Expert judgment
  3. Quantitative risk analysis and modeling techniques
  4. Organizational process assets

Answer(s): D

Explanation:

Organizational process asset is not a tool and technique, but an input to the quantitative risk analysis process. Quantitative Risk Analysis is a process to assess the probability of achieving particular project objectives, to quantify the effect of risks on the whole project objective, and to prioritize the risks based on the impact to overall project risk. Quantitative Risk Analysis process analyzes the affect of a risk event deriving a numerical value. It also presents a quantitative approach to build decisions in the presence of uncertainty. The inputs for Quantitative Risk Analysis are:

Organizational process assets Project Scope Statement
Risk Management Plan Risk Register
Project Management Plan

Incorrect Answers:
A: Data gathering and representation technique is a tool and technique for the quantitative risk analysis process.

B: Expert judgment is a tool and technique for the quantitative risk analysis process.

C: Quantitative risk analysis and modeling techniques is a tool and technique for the quantitative risk analysis process.



Which of the following is the PRIMARY requirement before choosing Key performance indicators of an enterprise?

  1. Determine size and complexity of the enterprise
  2. Prioritize various enterprise processes
  3. Determine type of market in which the enterprise operates
  4. Enterprise must establish its strategic and operational goals

Answer(s): D

Explanation:

Key Performance Indicators is a set of measures that a company or industry uses to measure and/or compare performance in terms of meeting their strategic and operational goals. KPIs vary with company to company, depending on their priorities or performance criteria.
A company must establish its strategic and operational goals and then choose their KPIs which can best reflect those goals. For example, if a software company's goal is to have the fastest growth in its industry, its main performance indicator may be the measure of its annual revenue growth.

Incorrect Answers:
A: Determination of size and complexity of the enterprise is the selection criteria of the KRI, not KPI. KPI does not have any relevancy with size and complexity of the enterprise.

B: This is not the valid answer.

C: Type of market in which the enterprise is operating do not affect the selection of KPIs.



You are the project manager of project for a client. The client has promised your company a bonus, if the project is completed early. After studying the project work, you elect to crash the project in order to realize the early end date. This is an example of what type of risk response?

  1. Negative risk response, because crashing will add risks.
  2. Positive risk response, as crashing is an example of enhancing.
  3. Positive risk response, as crashing is an example of exploiting.
  4. Negative risk response, because crashing will add costs.

Answer(s): C



Judy has identified a risk event in her project that will have a high probability and a high impact. Based on the requirements of the project, Judy has asked to change the project scope to remove the associated requirement and the associated risk. What type of risk response is this?

  1. Exploit
  2. Not a risk response, but a change request
  3. Avoidance
  4. Transference

Answer(s): C

Explanation:

Risk avoidance involves changing the project management plan to eliminate the threat entirely. The project manager may also isolate the project objectives from the risk's impact or change the objective that is in jeopardy. Examples of this include extending the schedule, changing the strategy, or reducing the scope. The most radical avoidance strategy is to shut down the project entirely. Some risks that arise early in the project can be avoided by clarifying requirements, obtaining information, improving communication, or acquiring expertise.

Incorrect Answers:
A: Exploit risk response is used for positive risk or opportunity, not for negative risk.

B: This risk response does require a change request, in some instances, but it's the avoidance risk response and not just a change request.

D: Transference allows the risk to be transferred, not removed from the project, to a third party. Transference usually requires a contractual relationship with the third party.






Post your Comments and Discuss ISACA CRISC exam with other Community members:

CRISC Discussions & Posts