Free CRISC Exam Braindumps (page: 75)


You are the risk professional in Bluewell Inc. You have identified a risk and want to implement a specific risk mitigation activity. What should you PRIMARILY utilize?

  1. Vulnerability assessment report
  2. Business case
  3. Technical evaluation report
  4. Budgetary requirements

Answer(s): B

Explanation:

Because a business case includes the business need (such as a new product, a change in process, or a compliance need) and the requirements of the enterprise (new technology, cost, etc.), the risk professional should utilize it when implementing a specific risk mitigation activity. The risk professional must look at the costs of the various controls and compare them against the benefits that the organization will receive from the risk response. Hence, he or she needs knowledge of business case development to illustrate the costs and benefits of the risk response.

Incorrect Answers:
A, C, D: All of these options are supplemental.



You are the project manager of the AFD project for your company. You are working with the project team to reassess existing risk events and to identify risk events that have not happened and whose relevancy to the project has passed. What should you do with these events that have not happened and would not happen now in the project?

  1. Add the risk to the issues log
  2. Close the outdated risks
  3. Add the risks to the risk register
  4. Add the risks to a low-priority watch-list

Answer(s): B

Explanation:

Risks that are now outdated should be closed by the project manager; there is no need to keep a record of them.

Incorrect Answers:
A: Risks do not go into the issue log, but the risk register.

C: Identified risks are already in the risk register.

D: Risks with low probability and low impact go on the risk watchlist.



What activity should be done for effective post-implementation reviews during the project?

  1. Establish the business measurements up front
  2. Allow a sufficient number of business cycles to be executed in the new system
  3. Identify the information collected during each stage of the project
  4. Identify the information to be reviewed

Answer(s): A

Explanation:

For an effective post-implementation review, the business measurements are established up front during the project.

Incorrect Answers:
B: Executing a sufficient number of business cycles in the new system is done after the completion of the project.

C, D: Identifying the information to be reviewed and the information collected during each stage of the project is done in the pre-project phase, not during the project, for an effective post-implementation review.



Which of the following is the best reason for performing risk assessment?

  1. To determine the present state of risk
  2. To analyze the effect on the business
  3. To satisfy regulatory requirements
  4. To budget appropriately for the application of various controls

Answer(s): A

Explanation:

Risk assessment is a process of analyzing the identified risk, both quantitatively and qualitatively. Quantitative risk assessment requires calculation of two components of risk: the magnitude of the potential loss and the probability that the loss will occur. Qualitative risk assessment, by contrast, checks the severity of the risk. Hence, risk assessment helps in determining the present state of the risk.

Incorrect Answers:
B: Analyzing the effect of risk on an enterprise is part of the process of performing risk assessment, but is not the reason for doing it.

C: Performing risk assessment may satisfy the regulatory requirements, but that is not the reason to perform risk assessment.

D: Budgeting appropriately is one of the results of risk assessment, but is not the reason for performing the risk assessment.





