Which of the following are the principles of access controls?
Each correct answer represents a complete solution. Choose three.

• A.Confidentiality
• B.Availability
• C.Reliability
• D.Integrity

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST way to support communication of emerging risk?

• A.Update residual risk levels to reflect the expected risk impact.
• B.Include it on the next enterprise risk committee agenda.
• C.Adjust inherent risk levels upward.
• D.Include it in the risk register for ongoing monitoring.

Comment: *

Name: *

Email: *

Verification: *

An organization is considering modifying its system to enable acceptance of credit card payments. To reduce the risk of data exposure, which of the following should the organization do FIRST?

• A.Implement additional controls
• B.Conduct a risk assessment
• C.Update the risk register
• D.Update the security strategy

Comment: *

Name: *

Email: *

Verification: *

A control for mitigating risk in a key business area cannot be implemented immediately. Which of the following is the risk practitioner's BEST course of action when a compensating control needs to be applied?

• A.Record the risk as accepted m the risk register.
• B.update the risk response plan.
• C.Obtain the risk owner's approval.
• D.Inform senior management.

Comment: *

Name: *

Email: *

Verification: *

A risk heat map is MOST commonly used as part of an IT risk analysis to facilitate risk:

• A.assessment
• B.treatment.
• C.communication.
• D.identification.

Comment: *

Name: *

Email: *

Verification: *