If one says that the particular control or monitoring tool is sustainable, then it refers to what ability?

• A.The ability to adapt as new elements are added to the environment
• B.The ability to ensure the control remains in place when it fails
• C.The ability to protect itself from exploitation or attack
• D.The ability to be applied in same manner throughout the organization

Comment: *

Name: *

Email: *

Verification: *

Which of the following statements are true for enterprise's risk management capability maturity level 3?

• A.Workflow tools are used to accelerate risk issues and track decisions
• B.The business knows how IT fits in the enterprise risk universe and the risk portfolio view
• C.The enterprise formally requires continuous improvement of risk management skills, based on clearly defined personal and enterprise goals
• D.Risk management is viewed as a business issue, and both the drawbacks and benefits of risk are recognized

Comment: *

Name: *

Email: *

Verification: *

Which of the following risks is associated with not receiving the right information to the right people at the right time to allow the right action to be taken?

• A.Relevance risk
• B.Integrity risk
• C.Availability risk
• D.Access risk
• E.Explanation:
  Relevance risk is the risk associated with not receiving the right information to the right people (or
  process or systems) at the right time to allow the right action to be taken.
• F.is incorrect. The risk that confidential or private information may be disclosed or made
  available to those without appropriate authority is termed as access or security risk. An aspect of
  this risk is non-compliance with local, national and international laws related to privacy and
  protection of personal information.
• G.is incorrect. The risk that data cannot be relied on because they are unauthorized,
  incomplete or inaccurate is termed as integrity risk.

Comment: *

Name: *

Email: *

Verification: *

What should a risk practitioner do NEXT if an ineffective key control is identified on a critical system?

• A.Revalidate the risk assessment.
• B.Escalate to senior management.
• C.Propose acceptance of the risk.
• D.Conduct a gap analysis.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST metric to demonstrate the effectiveness of an organization's change management process?

• A.Average time to complete changes
• B.Increase in the number of emergency changes
• C.Percent of unauthorized changes
• D.Increase in the frequency of changes

Comment: *

Name: *

Email: *

Verification: *