A newly incorporated enterprise needs to secure its information assets From a governance perspective which of the following should be done FIRST?

• A.Define information retention requirements and policies
• B.Provide information security awareness training
• C.Establish security management processes and procedures
• D.Establish an inventory of information assets

Comment: *

Name: *

Email: *

Verification: *

You work as a Project Manager for Company Inc. You are incorporating a risk response owner to take the job for each agreed-to and funded risk response. On which of the following processes are you working?

• A.Quantitative Risk Analysis
• B.Identify Risks
• C.Plan risk response
• D.Qualitative Risk Analysis
• E.Explanation:
  The plan risk response project management process aims to reduce the threats to the project objectives and to increase opportunities. It follows the perform qualitative risk analysis process and perform quantitative risk analysis process. Plan risk response process includes the risk response owner to take the job for each agreed-to and funded risk response. This process addresses the risks by their priorities, schedules the project management plan as required, and inserts resources and activities into the budget. The inputs to the plan risk response process are as follows: Risk register Risk management plan

Comment: *

Name: *

Email: *

Verification: *

Who is MOST important lo include in the assessment of existing IT risk scenarios?

• A.Risk management consultants
• B.Technology subject matter experts
• C.Business users of IT systems
• D.Business process owners

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the PRIMARY purpose of periodically reviewing an organization's risk profile?

• A.Design and implement risk response action plans.
• B.Enable risk-based decision making.
• C.Align business objectives with risk appetite.
• D.Update risk responses in the risk register

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the PRIMARY factor in determining a recovery time objective (RTO)?

• A.Response time of the emergency action plan
• B.Cost of downtime due to a disaster
• C.Cost of offsite backup premises
• D.Cost of testing the business continuity plan

Comment: *

Name: *

Email: *

Verification: *