Which of the following would be MOST helpful to understand the impact of a new technology system on an organization's current risk profile?

• A.Conduct a gap analysis
• B.Review existing risk mitigation controls
• C.Perform a risk assessment
• D.Hire consultants specializing in the new technology

Comment: *

Name: *

Email: *

Verification: *

Which of the following BEST measures the efficiency of an incident response process?

• A.Average gap between actual and agreed response times
• B.Average time between changes and updating of escalation matrix
• C.Number of incidents escalated to management
• D.Number of incidents lacking responses

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the GREATEST benefit of identifying appropriate risk owners?

• A.Stakeholders are consulted about risk treatment options
• B.Responsibility is established for risk treatment decisions.
• C.Risk owners are informed of risk treatment options
• D.Accountability is established for risk treatment decisions

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the PRIMARY responsibility of the first line of defense related to computer-enabled fraud?

• A.Providing oversight of risk management processes
• B.Ensuring that risk and control assessments consider fraud
• C.Implementing processes to detect and deter fraud
• D.Monitoring the results of actions taken to mitigate fraud

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be the risk practitioner s FIRST course of action when an organization has decided to expand into new product areas?

• A.Identify any new business objectives with stakeholders.
• B.Present a business case for new controls to stakeholders.
• C.Revise the organization's risk and control policy.
• D.Review existing risk scenarios with stakeholders.

Comment: *

Name: *

Email: *

Verification: *