CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISACA
  5. CRISC

Free CRISC Exam Braindumps (page: 60)

Page 59 of 451
PDF with 1871 Questions

Which of the following is true for risk management frameworks, standards and practices? Each correct answer represents a part of the solution. Choose three.

  1. They act as a guide to focus efforts of variant teams.
  2. They result in increase in cost of training, operation and performance improvement.
  3. They provide a systematic view of "things to be considered" that could harm clients or an enterprise.
  4. They assist in achieving business objectives quickly and easily.

Answer(s): A,C,D

Explanation:

Frameworks, standards and practices are necessary as:
They provide a systematic view of "things to be considered" that could harm clients or an enterprise. They act as a guide to focus efforts of variant teams.
They save time and revenue, such as training costs, operational costs and performance improvement costs. They assist in achieving business objectives quickly and easily.



An interruption in business productivity is considered as which of the following risks?

  1. Reporting risk
  2. Operational risk
  3. Legal risk
  4. Strategic risk

Answer(s): B

Explanation:

Operation risks encompass any potential interruption in business. Operational risks are those risk that are associated with the day-to-day operations of the enterprise. They are generally more detailed as compared to strategic risks. It is the risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events. Some sub-categories of operational risks include:
Organizational or management related risks Information security risks
Production, process, and productivity risks Profitability operational risks
Business interruption risks Project activity risks
Contract and product liability risks Incidents and crisis
Illegal or malicious acts

Incorrect Answers:
A: Reporting risks are those occurrences which prevent accurate and timely reporting.

C: Legal risks are dealing with those events which can deteriorate the company's legal status. Legal compliance is the process or procedure to ensure that an organization follows relevant laws, regulations and business rules. The definition of legal compliance, especially in the context of corporate legal departments, has recently been expanded to include understanding and adhering to ethical codes within entire professions, as well. Hence legal and compliance risk has the potential to deteriorate company's legal or regulatory status.

D: Strategic risks have potential which breaks in obtaining strategic objectives. Since the strategic objective will shape and impact the entire organization, the risk of not meeting that objective can impose a great threat on the organization.



You are the project manager of the QPS project. You and your project team have identified a pure risk. You along with the key stakeholders, decided to remove the pure risk from the project by changing the project plan altogether. What is a pure risk?

  1. It is a risk event that only has a negative side and not any positive result.
  2. It is a risk event that is created by the application of risk response.
  3. It is a risk event that is generated due to errors or omission in the project work.
  4. It is a risk event that cannot be avoided because of the order of the work.

Answer(s): A

Explanation:

A pure risk has only a negative effect on the project. Pure risks are activities that are dangerous to complete and manage such as construction, electrical work, or manufacturing. It is a class of risk in which loss is the only probable result and there is no positive result.

Pure risk is associated to the events that are outside the risk-taker's control. Incorrect Answers:

B: The risk event created by the application of risk response is called secondary risk.

C: A risk event that is generated due to errors or omission in the project work is not necessarily pure risk. D: This in not valid definition of pure risk.



You work as a project manager for BlueWell Inc. You are preparing to plan risk responses for your project with your team. How many risk response types are available for a negative risk event in the project?

  1. 5
  2. 7
  3. 1
  4. 4

Answer(s): D

Explanation:

Four risk response options are there to deal with negative risks or threats on the project objectives- avoid, transfer, mitigate, and accept.
Risk avoidance Risk mitigation Risk transfer Risk acceptance

Incorrect Answers:
A, B ,C: These are incorrect choices as only 4 risk response are available to deal with negative risks.






Post your Comments and Discuss ISACA CRISC exam with other Community members:

CRISC Discussions & Posts