To effectively support business decisions, an IT risk register MUST:

• A.reflect the results of risk assessments.
• B.effectively support a business maturity model.
• C.be available to operational risk groups.
• D.be reviewed by the IT steering committee.

Comment: *

Name: *

Email: *

Verification: *

You are elected as the project manager of GHT project. You have to initiate the project. Your Project request document has been approved, and now you have to start working on the project. What is the FIRST step you should take to initialize the project?

• A.Conduct a feasibility study
• B.Acquire software
• C.Define requirements of project
• D.Plan project management
• E.Explanation:
  Conducting a feasibility study begins once initial approval has been given to move forward with a project. It includes an analysis to clearly define the need and to identify alternatives for addressing
  the need.
• F.is incorrect. Acquiring software involves building new or modifying existing hardware or
  software after final approval by the stakeholder, which is not a phase in the standard SDLC
  process.
  If a decision was reached to acquire rather than develop software, this task should occur after
  feasibility study and defining requirements.
• G.is incorrect. This is latter phase in project development process.

Comment: *

Name: *

Email: *

Verification: *

A project team member has just identified a new project risk. The risk event is determined to have significant impact but a low probability in the project. Should the risk event happen it'll cause the project to be delayed by three weeks, which will cause new risk in the project. What should the project manager do with the risk event?

• A.Add the identified risk to a quality control management chart.
• B.Add the identified risk to the issues log.
• C.Add the identified risk to the risk register.
• D.Add the identified risk to the low-level risk watch-list.

Comment: *

Name: *

Email: *

Verification: *

Thomas is a key stakeholder in your project. Thomas has requested several changes to the project scope for the project you are managing.
Upon review of the proposed changes, you have discovered that these new requirements are laden with risks and you recommend to the change control board that the changes be excluded from the project scope. The change control board agrees with you. What component of the change control system communicates the approval or denial of a proposed change request?

• A.Configuration management system
• B.Integrated change control
• C.Change log
• D.Scope change control system

Comment: *

Name: *

Email: *

Verification: *

You are the Risk Official in Bluewell Inc. You have detected much vulnerability during risk assessment process.
What you should do next?

• A.Prioritize vulnerabilities for remediation solely based on impact.
• B.Handle vulnerabilities as a risk, even though there is no threat.
• C.Analyze the effectiveness of control on the vulnerabilities' basis.
• D.Evaluate vulnerabilities for threat, impact, and cost of mitigation.

Comment: *

Name: *

Email: *

Verification: *