What is the GREATEST concern with maintaining decentralized risk registers instead of a consolidated risk register?

• A.Risk analysis may be inconsistent due to non-uniform impact and likelihood scales.
• B.Aggregated risk may exceed the enterprise's risk appetite and tolerance.
• C.Duplicate resources may be used to manage risk registers.
• D.Standardization of risk management practices may be difficult to enforce.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST important when discussing risk within an organization?

• A.Using key performance indicators (KPIs)
• B.Adopting a common risk taxonomy
• C.Creating a risk communication policy
• D.Using key risk indicators (KRIs)

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be a risk practitioner's NEXT step upon learning the organization is not in compliance with a specific legal regulation?

• A.Assess the likelihood and magnitude of the associated risk.
• B.Identify mitigation activities and compensating controls.
• C.Notify senior compliance executives of the associated risk.
• D.Determine the penalties for lack of compliance.

Comment: *

Name: *

Email: *

Verification: *

Which of the following would BEST enable a risk practitioner to embed risk management within the organization?

• A.Collect and analyze risk data for report generation.
• B.Engage key stakeholders in risk management practices.
• C.Monitor and prioritize risk data according to the heat map.
• D.Provide risk management feedback to key stakeholders.

Comment: *

Name: *

Email: *

Verification: *

The BEST key performance indicator (KPI) for monitoring adherence to an organization's user accounts provisioning practices is the percentage of:

• A.active accounts belonging to former personnel.
• B.accounts with dormant activity.
• C.accounts without documented approval.
• D.user accounts with default passwords.

Comment: *

Name: *

Email: *

Verification: *