In an organization with a mature risk management program, which of the following would provide the BEST evidence that the IT risk profile is up to date?

• A.Risk questionnaire
• B.Risk register
• C.Compliance manual
• D.Management assertion

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a performance measure that is used to evaluate the efficiency of an investment or to compare the efficiency of a number of different investments?

• A.Return On Security Investment
• B.Total Cost of Ownership
• C.Return On Investment
• D.Redundant Array of Inexpensive Disks

Comment: *

Name: *

Email: *

Verification: *

An organization is planning to acquire a new financial system. Which of the following stakeholders would provide the MOST relevant information for analyzing the risk associated with the new IT solution?

• A.Process owner
• B.Internal auditor
• C.Risk manager
• D.Project sponsor

Comment: *

Name: *

Email: *

Verification: *

Which of the following would prompt changes in key risk indicator {KRI) thresholds?

• A.Knowledge of new and emerging threats
• B.Changes to the risk register
• C.Changes in risk appetite or tolerance
• D.Modification to risk categories

Comment: *

Name: *

Email: *

Verification: *

You are the project manager of GHT project. A risk event has occurred in your project and you have identified it. Which of the following tasks you would do in reaction to risk event occurrence? Each correct answer represents a part of the solution. Choose three.

• A.Monitor risk
• B.Maintain and initiate incident response plans
• C.Update risk register
• D.Communicate lessons learned from risk events
• E.Explanation:
  When the risk events occur then following tasks have to done to react to it: Maintain incident response plans Monitor risk Initiate incident response Communicate lessons learned from risk events

Comment: *

Name: *

Email: *

Verification: *