CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISACA
  5. CRISC

Free CRISC Exam Braindumps (page: 86)

Page 85 of 451
PDF with 1871 Questions

Which of the following comes under phases of risk management?

  1. Assessing risk
  2. Prioritization of risk
  3. Identify risk
  4. Monitoring risk
  5. Developing risk

Answer(s): A,B,C,D

Explanation:

Risk management provides an approach for individuals and groups to make a decision on how to deal with potentially harmful situations.
Following are the four phases involved in risk management:
1. Risk identification: The first thing we must do in risk management is to identify the areas of the project where the risks can occur.
This is termed as risk identification. Listing all the possible risks is proved to be very productive for the enterprise as we can cure them before it can occur. In risk identification both threats and opportunities are considered, as both carry some level of risk with them.
2. Risk Assessment and Evaluation: Risk assessment use quantitative and qualitative analysis approaches to evaluate each significant risk identified.
3. Risk Prioritization and Response: As many risks are being identified in an enterprise, it is best to give each risk a score based on its likelihood and significance in form of ranking. This concludes whether the risk with high likelihood and high significance must be given greater attention as compared to similar risk with low likelihood and low significance. Hence, risks can be prioritized and appropriate responses to those risks are created.
4. Risk Monitoring: Risk monitoring is an activity which oversees the changes in risk assessment. Over time, the likelihood or significance originally attributed to a risk may change. This is especially true when certain responses, such as mitigation, have been made.



You are the project manager in your enterprise. You have identified occurrence of risk event in your enterprise. You have pre-planned risk responses. You have monitored the risks that had occurred. What is the immediate step after this monitoring process that has to be followed in response to risk events?

  1. Initiate incident response
  2. Update the risk register
  3. Eliminate the risk completely
  4. Communicate lessons learned from risk events

Answer(s): A

Explanation:

When the risk events occur then following tasks have to done to react to it: Maintain incident response plans
Monitor risk
Initiate incident response
Communicate lessons learned from risk events



You are the project manager for GHT project. You need to perform the Qualitative risk analysis process. When you have completed this process, you will produce all of the following as part of the risk register update output except which one?

  1. Probability of achieving time and cost estimates
  2. Priority list of risks
  3. Watch list of low-priority risks
  4. Risks grouped by categories

Answer(s): A

Explanation:

Probability of achieving time and cost estimates is an update that is produced from the Quantitative risk analysis process. In Qualitative risk analysis probability of occurrence of a specific risk is identified but not of achieving time and cost estimates.



You have been assigned as the Project Manager for a new project that involves building of a new roadway between the city airport to a designated point within the city. However, you notice that the transportation permit issuing authority is taking longer than the planned time to issue the permit to begin construction. What would you classify this as?

  1. Project Risk
  2. Status Update
  3. Risk Update
  4. Project Issue

Answer(s): D

Explanation:

This is a project issue. It is easy to confuse this as a project risk; however, a project risk is always in the future. In this case, the delay by the permitting agency has already happened; hence this is a project issue. The possible impact of this delay on the project cost, schedule, or performance can be classified as a project risk.

Incorrect Answers:
A: It is easy to confuse this as a project risk; however, a project risk is always in the future. In this case, the delay by the permitting agency has already happened; hence this is a project issue.

B, C: These are options are not valid.






Post your Comments and Discuss ISACA CRISC exam with other Community members:

CRISC Discussions & Posts