Which one of the following is the only output for the qualitative risk analysis process?

• A.Project management plan
• B.Risk register updates
• C.Organizational process assets
• D.Enterprise environmental factors

Correct Answer: B

Explanation/Reference:
Explanation:
Risk register update is the only output of the choices presented for the qualitative risk analysis process.
The four inputs for the qualitative risk analysis process are the risk register, risk management plan, project scope statement, and organizational process assets. The output of perform qualitative risk analysis process is Risk Register Updates. Risk register is updated with the information from perform qualitative risk analysis and the updated risk register is included in the project documents. Updates include the following important elements:
Relative ranking or priority list of project risks

Risks grouped by categories

Causes of risk or project areas requiring particular attention

List of risks requiring response in the near-term

List of risks for additional analysis and response

Watchlist of low priority risks

Trends in qualitative risk analysis results

Incorrect Answers:
A, C, D: These are not the valid outputs for the qualitative risk analysis process.

Comment: *

Name: *

Email: *

Verification: *

An organization's risk practitioner learns a new third-party system on the corporate network has introduced vulnerabilities that could compromise corporate IT systems. What should the risk practitioner do FIRST?

• A.Notify information security management.
• B.Identify procedures to mitigate the vulnerabilities.
• C.Confirm the vulnerabilities with the third party.
• D.Request IT to remove the system from the network

Comment: *

Name: *

Email: *

Verification: *

Which of the following would be MOST useful when measuring the progress of a risk response action plan?

• A.Resource expenditure against budget
• B.An up-to-date risk register
• C.Percentage of mitigated risk scenarios
• D.Annual loss expectancy (ALE) changes

Comment: *

Name: *

Email: *

Verification: *

You work as a Project Manager for Company Inc. You have to conduct the risk management activities for a project. Which of the following inputs will you use in the plan risk management process?
Each correct answer represents a complete solution. (Choose three.)

• A.Quality management plan
• B.Schedule management plan
• C.Cost management plan
• D.Project scope statement

Correct Answer: B,C,D

Explanation/Reference:
Explanation:
The inputs to the plan risk management process are as follows:
Project scope statement: It provides a clear sense of the range of possibilities associated with the

project and establishes the framework for how significant the risk management effort may become.
Cost management plan: It describes how risk budgets, contingencies, and management reserves will

be reported and accessed.
Schedule management plan: It describes how the schedule contingencies will be reported and

assessed.
Communication management plan: It describes the interactions, which occurs on the project and

determines who will be available to share information on various risks and responses at different times.
Enterprise environmental factors: It include, but are not limited to, risk attitudes and tolerances that

describe the degree of risk that an organization withstand.
Organizational process assets: It includes, but are not limited to, risk categories, risk statement formats,

standard templates, roles and responsibilities, authority levels for decision-making, lessons learned, and stakeholder registers.
Incorrect Answers:
A: It is not an input for Plan risk management process.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST useful indicator to measure the efficiency of an identity and access management process?

• A.Average account lockout time
• B.Number of tickets for provisioning new accounts
• C.Average time to provision user accounts
• D.Password reset volume per month

Comment: *

Name: *

Email: *

Verification: *