CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISACA
  5. CRISC

Free CRISC Exam Braindumps (page: 82)

Page 81 of 451
PDF with 1871 Questions

Which of the following role carriers has to account for collecting data on risk and articulating risk?

  1. Enterprise risk committee
  2. Business process owner
  3. Chief information officer (CIO)
  4. Chief risk officer (CRO)

Answer(s): D

Explanation:

CRO is the individual who oversees all aspects of risk management across the enterprise. Chief risk officer has the main accountability for collecting data and articulating risk. If there is any fault in these processes, then CRO should be answerable.

Incorrect Answers:
A: Enterprise risk committee are the executives who are accountable for the enterprise level collaboration and consensus required to support enterprise risk management (ERM). They are to some extent responsible for articulating risk but are not accounted for it. They are neither responsible nor accounted for collecting data on risk.

B: Business process owner is an individual responsible for identifying process requirements, approving process design and managing process performance. He/she is responsible for collecting data and articulating risk but is not accounted for them.

C: CIO is the most senior official of the enterprise who is accountable for IT advocacy; aligning IT and business strategies; and planning, resourcing and managing the delivery of IT services and information and the deployment of associated human resources. CIO has some responsibility towards collecting data and articulating risk but is not accounted for them.



Which of the following is NOT true for effective risk communication?

  1. Risk information must be known and understood by all stakeholders.
  2. Use of technical terms of risk
  3. Any communication on risk must be relevant
  4. For each risk, critical moments exist between its origination and its potential business consequence

Answer(s): B

Explanation:

For effective communication, information communicated should not inundate the recipients. All ground rules of good communication apply to communication on risk. This includes the avoidance of jargon and technical terms regarding risk because the intended audiences are generally not deeply technologically skilled. Hence use of technical terms is avoided for effective communication

Incorrect Answers:
A, C, D: These all are true for effective risk communication. For effective risk communication the risk information should be clear, concise, useful and timely. Risk information must be known and understood by all the stakeholders. Information or communication should not overwhelm the recipients. This includes the avoidance of technical terms regarding risk because the intended audiences are generally not much technologically skilled.

Any communication on risk must be relevant. Technical information that is too detailed or is sent to inappropriate parties will hinder, rather than enable, a clear view of risk. For each risk, critical moments exist between its origination and its potential business consequence.

Information should also be aimed at the correct target audience and available on need-to-know basis. Hence for effective risk communication risk information should be:
Clear Concise Useful Timely given
Aimed at the correct audience Available on need-to-know basis



Which of the following interpersonal skills has been identified as one of the biggest reasons for project success or failure?

  1. Motivation
  2. Influencing
  3. Communication
  4. Political and cultural awareness

Answer(s): C

Explanation:

Communication has been identified as one of the biggest reasons for why projects succeeds or fails. Effective communication is essential for good project management.

Communication is a process in which information is passed from one person to another. A manager asks his subordinates to accomplish the task assigned to them. He should successfully pass the information to his subordinates. It is a means of motivating and guiding the employees of an enterprise.

Incorrect Answers:
A: While motivation is one of the important interpersonal skill, but it is not the best answer.

B: Influencing the project stakeholders is a needed interpersonal skill, but it is not the best answer.

D: Political and cultural awareness is an important part of every project, but it is not the best answer for this question



You are the project manager of the GHY project for your organization. You are working with your project team to begin identifying risks for the project. As part of your preparation for identifying the risks within the project you will need eleven inputs for the process. Which one of the following is NOT an input to the risk identification process?

  1. Quality management plan
  2. Stakeholder register
  3. Cost management plan
  4. Procurement management plan

Answer(s): D

Explanation:

The procurement management plan is not one of the eleven inputs for the risk identification process. The eleven inputs to this process are:
-risk management plan activity cost estimates activity duration estimates scope baseline stakeholder register
-cost management plan schedule management plan quality management plan project documents
-enterprise environmental factors organizational process assets.






Post your Comments and Discuss ISACA CRISC exam with other Community members:

CRISC Discussions & Posts