Which of the following is the PRIMARY reason to update a risk register with risk assessment results?

• A.To communicate the level and priority of assessed risk to management
• B.To assign a risk owner to manage the risk
• C.To provide a comprehensive inventory of risk across the organization
• D.To enable the creation of action plans to address nsk

Comment: *

Name: *

Email: *

Verification: *

Numerous media reports indicate a recently discovered technical vulnerability is being actively exploited. Which of the following would be the BEST response to this scenario?

• A.Reassess the inherent risk of the target.
• B.Conduct a control serf-assessment.
• C.Assess the vulnerability management process.
• D.Conduct a vulnerability assessment.

Comment: *

Name: *

Email: *

Verification: *

Which of the following BEST promotes commitment to controls?

• A.Assigning a quality control review
• B.Performing regular independent control reviews
• C.Assigning appropriate resources
• D.Assigning control ownership

Comment: *

Name: *

Email: *

Verification: *

Which of the following control detects problem before it can occur?

• A.Deterrent control
• B.Detective control
• C.Compensation control
• D.Preventative control

Comment: *

Name: *

Email: *

Verification: *

Which of the following would provide the BEST guidance when selecting an appropriate risk treatment plan?

• A.Cost-benefit analysis
• B.Return on investment
• C.Risk mitigation budget
• D.Business Impact analysis

Comment: *

Name: *

Email: *

Verification: *