To help ensure all applicable risk scenarios are incorporated into the risk register, it is MOST important to review the:

• A.risk assessment results
• B.vulnerability assessment results
• C.cost-benefit analysis
• D.risk mitigation approach

Comment: *

Name: *

Email: *

Verification: *

John works as a project manager for BlueWell Inc. He is determining which risks can affect the project.
Which of the following inputs of the identify risks process is useful in identifying risks associated to the time allowances for the activities or projects as a whole, with a width of the range indicating the degrees of risk?

• A.Activity duration estimates
• B.Activity cost estimates
• C.Risk management plan
• D.Schedule management plan

Comment: *

Name: *

Email: *

Verification: *

An enterprise has identified risk events in a project. While responding to these identified risk events, which among the following stakeholders is MOST important for reviewing risk response options to an IT risk.

• A.Information security managers
• B.Internal auditors
• C.Incident response team members
• D.Business managers
• E.Explanation:
  Business managers are accountable for managing the associated risk and will determine what actions to take based on the information provided by others.

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY benefit of conducting continuous monitoring of access controls is the ability to identify:

• A.leading or lagging key risk indicators (KRIs)
• B.inconsistencies between security policies and procedures
• C.unknown threats to undermine existing access controls
• D.possible noncompliant activities that lead to data disclosure

Comment: *

Name: *

Email: *

Verification: *

Which erf the following stakeholders are typically included as part of a line of defense within the three lines of defense model?

• A.Regulators
• B.Legal team
• C.Vendors
• D.Board of directors

Comment: *

Name: *

Email: *

Verification: *