Question 1

Which of the following is the MOST important information to cover in a business continuity awareness training program for all employees of the organization?

Options :

A : Critical asset inventory

B : Communication plan

C : Segregation of duties

D : Recovery time objectives (RTOs)

Answer: B

Question 2

Which of the following phases is involved in the Data Extraction, Validation, Aggregation and Analysis?

Options :

A : Risk response and Risk monitoring

B : Requirements gathering, Data access, Data validation, Data analysis, and Reporting and corrective action

C : Data access and Data validation

D : Risk identification, Risk assessment, Risk response and Risk monitoring

Answer: B

Question 3

Which of the following would be the GREATEST challenge when implementing a corporate risk framework for a global organization?

Options :

A : Business continuity

B : Risk taxonomy

C : Management support

D : Privacy risk controls

Answer: D

Question 4

Which of the following is a responsibility of the second line of defense in the three lines of defense model?

Options :

A : Owning risk scenarios and bearing the consequences of loss

B : Alerting operational management to emerging issues

C : Implementing corrective actions to address deficiencies

D : Performing duties independently to provide assurance

Answer: A

Question 5

You are the project manager of GHT project. You are performing cost and benefit analysis of control. You come across the result that costs of specific controls exceed the benefits of mitigating a given risk. What is the BEST action would you choose in this scenario?

Options :

A : The enterprise may apply the appropriate control anyway.

B : The enterprise should adopt corrective control.

C : The enterprise may choose to accept the risk rather than incur the cost of mitigation.

D : The enterprise should exploit the risk.

Answer: C

Higher Test Marks with Free Online CRISC Exam Practice

Buying Options: