In which of the following risk management capability maturity levels risk appetite and tolerance are applied only during episodic risk assessments?

• A.Level 3
• B.Level 2
• C.Level 4
• D.Level 1

Comment: *

Name: *

Email: *

Verification: *

You are the project manager of GRT project. You discovered that by bringing on more qualified resources or by providing even better quality than originally planned, could result in reducing the amount of time required to complete the project. If your organization seizes this opportunity it would be an example of what risk response?

• A.Enhance
• B.Exploit
• C.Accept
• D.Share

Comment: *

Name: *

Email: *

Verification: *

Using which of the following one can produce comprehensive result while performing qualitative risk analysis?

• A.Scenarios with threats and impacts
• B.Cost-benefit analysis
• C.Value of information assets.
• D.Vulnerability assessment
• E.Explanation:
  Using list of possible scenarios with threats and impacts will better frame the range of risk and hence can frame more informative result of qualitative analysis.

Comment: *

Name: *

Email: *

Verification: *

A control owner identifies that the organization's shared drive contains personally identifiable information (Pll) that can be accessed by all personnel. Which of the following is the MOST effective risk response?

• A.Re-communicate the data protection policy.
• B.Implement a data encryption solution.
• C.Implement a data loss prevention (DLP) solution.
• D.Protect sensitive information with access controls.

Comment: *

Name: *

Email: *

Verification: *

The FIRST task when developing a business continuity plan should be to:

• A.identify critical business functions and resources.
• B.determine data backup and recovery availability at an alternate site.
• C.define roles and responsibilities for implementation.
• D.identify recovery time objectives (RTOs) for critical business applications.

Comment: *

Name: *

Email: *

Verification: *