Which of the following is the MAIN reason for analyzing risk scenarios?

• A.Updating the heat map
• B.Establishing a risk appetite
• C.Identifying additional risk scenarios
• D.Assessing loss expectancy

Comment: *

Name: *

Email: *

Verification: *

Judy has identified a risk event in her project that will have a high probability and a high impact. Based on the requirements of the project, Judy has asked to change the project scope to remove the associated requirement and the associated risk. What type of risk response is this?

• A.Exploit
• B.Not a risk response, but a change request
• C.Avoidance
• D.Transference

Comment: *

Name: *

Email: *

Verification: *

Risk mitigation procedures should include:

• A.buying an insurance policy.
• B.acceptance of exposures.
• C.deployment of countermeasures.
• D.enterprise architecture implementation

Comment: *

Name: *

Email: *

Verification: *

An organization has identified a risk exposure due to weak technical controls in a newly implemented HR system. The risk practitioner is documenting the risk in the risk register. The risk should be owned by the:

• A.project manager.
• B.chief risk officer.
• C.chief information officer.
• D.business process owner.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the PRIMARY reason for an organization to ensure the risk register is updated regularly?

• A.Key risk indicators (KRIs) are evaluated to validate they are still within the risk threshold.
• B.Risk assessment results are accessible to senior management and stakeholders.
• C.Risk mitigation activities are managed and coordinated.
• D.Risk information is available to enable risk-based decisions.

Comment: *

Name: *

Email: *

Verification: *