Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?

• A.Risk transfer
• B.Risk acceptance
• C.Risk avoidance
• D.Risk mitigation
• E.Explanation:
  Risk transfer is the practice of passing risk from one entity to another entity. In other words, if a company is covered under a liability insurance policy providing various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc., it means it has transferred its security risks to the insurance company.

Comment: *

Name: *

Email: *

Verification: *

Which of the following activities would BEST facilitate effective risk management throughout the organization?

• A.Reviewing risk-related process documentation
• B.Performing frequent audits
• C.Performing a business impact analysis
• D.Conducting periodic risk assessments

Comment: *

Name: *

Email: *

Verification: *

Which of the following considerations should be taken into account while selecting risk indicators that ensures greater buy-in and ownership?

• A.Lag indicator
• B.Lead indicator
• C.Root cause
• D.Stakeholder
• E.Explanation:
  To ensure greater buy-in and ownership, risk indicators should be selected with the involvement of relevant stakeholders. Risk indicators should be identified for all stakeholders and should not focus solely on the more operational or strategic side of risk.

Comment: *

Name: *

Email: *

Verification: *

You are the project manager of the GHY Project for your company. You need to complete a project management process that will be on the lookout for new risks, changing risks, and risks that are now outdated. Which project management process is responsible for these actions?

• A.Risk planning
• B.Risk monitoring and controlling
• C.Risk identification
• D.Risk analysis
• E.Explanation:
  The risk monitoring and controlling is responsible for identifying new risks, determining the status
  of risks that may have changed, and determining which risks may be outdated in the project.
• F.is incorrect. Risk identification is a process that identifies risk events in the project.
• G.is incorrect. Risk planning creates the risk management plan and determines how risks
  will be identified, analyzed, monitored and controlled, and responded to.

Comment: *

Name: *

Email: *

Verification: *

An organization has outsourced its lease payment process to a service provider who lacks evidence of compliance with a necessary regulatory standard. Which risk treatment was adopted by the organization?

• A.Acceptance
• B.Transfer
• C.Mitigation
• D.Avoidance

Comment: *

Name: *

Email: *

Verification: *