An organization is planning to acquire a new financial system. Which of the following stakeholders would provide the MOST relevant information for analyzing the risk associated with the new IT solution?

• A.Process owner
• B.Internal auditor
• C.Risk manager
• D.Project sponsor

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important consideration when sharing risk management updates with executive management?

• A.Using an aggregated view of organizational risk
• B.Relying on key risk indicator (KRI) data
• C.Ensuring relevance to organizational goals
• D.Including trend analysis of risk metrics

Comment: *

Name: *

Email: *

Verification: *

What are the two MAJOR factors to be considered while deciding risk appetite level? Each correct answer represents a part of the solution. Choose two.

• A.The amount of loss the enterprise wants to accept
• B.Alignment with risk-culture
• C.Risk-aware decisions
• D.The capacity of the enterprise's objective to absorb loss.

Comment: *

Name: *

Email: *

Verification: *

An external security audit has reported multiple findings related to control noncompliance. Which of the following would be MOST important for the risk practitioner to communicate to senior management?

• A.Plans for mitigating the associated risk
• B.Suggestions for improving risk awareness training
• C.A recommendation for internal audit validation
• D.The impact to the organization's risk profile

Comment: *

Name: *

Email: *

Verification: *

Which of the following MUST be assessed before considering risk treatment options for a scenario with significant impact?

• A.Incident probability
• B.Risk magnitude
• C.Risk appetite
• D.Cost-benefit analysis

Comment: *

Name: *

Email: *

Verification: *