Which of the following is the BEST way to support communication of emerging risk?

• A.Include it in the risk register for ongoing monitoring.
• B.Include it on the next enterprise risk committee agenda.
• C.Adjust inherent risk levels upward.
• D.Update residual risk levels to reflect the expected risk impact.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the STRONGEST indication an organization has ethics management issues?

• A.Internal IT auditors report to the chief information security officer (CISO).
• B.Employees do not report IT risk issues for fear of consequences.
• C.The organization has only two lines of defense.
• D.Employees face sanctions for not signing the organization's acceptable use policy.

Comment: *

Name: *

Email: *

Verification: *

You and your project team have identified a few risk events in the project and recorded the events in the risk register. Part of the recording of the events includes the identification of a risk owner. Who is a risk owner?

• A.A risk owner is the party that will monitor the risk events.
• B.A risk owner is the party that will pay for the cost of the risk event if it becomes an issue.
• C.A risk owner is the party that has caused the risk event.
• D.A risk owner is the party authorized to respond to the risk event.
• E.Explanation:
  Risk owner for each risk should be the person who has the most influence over its outcome.
  Selecting the risk owner thus usually involves considering the source of risk and identifying the
  person who is best placed to understand and implement what needs to be done. They are also
  responsible for responding to the event and reporting on the risk status.
• F.is incorrect. Risk owners are not the people who cause the risk event.
• G.is incorrect. A risk owner will monitor the identified risks for status changes, but all
  project stakeholders should be iteratively looking to identify the risks.

Comment: *

Name: *

Email: *

Verification: *

You are the project manager for TTP project. You are in the Identify Risks process. You have to create the risk register. Which of the following are included in the risk register?
Each correct answer represents a complete solution. Choose two.

• A.List of potential responses
• B.List of key stakeholders
• C.List of mitigation techniques
• D.List of identified risks
• E.Explanation:
  Risk register primarily contains the following: List of identified risks: A reasonable description of the identified risks is noted in the risk register. The description includes event, cause, effect, impact related to the risks identified. In addition to the list of identified risks, the root causes of those risks may appear in the risk register. List of potential responses: Potential responses to a risk may be identified during the Identify Risks process. These responses are useful as inputs to the Plan Risk Responses process.

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY objective for selecting risk response options is to:

• A.reduce risk factors.
• B.minimize residual risk.
• C.reduce risk 10 an acceptable level.
• D.identify compensating controls.

Comment: *

Name: *

Email: *

Verification: *