The PRIMARY goal of a risk management program is to:

• A.safeguard corporate assets.
• B.help prevent operational losses.
• C.help ensure objectives are met.
• D.facilitate resource availability.

Comment: *

Name: *

Email: *

Verification: *

During a routine check, a system administrator identifies unusual activity indicating an intruder within a firewall. Which of the following controls has MOST likely been compromised?

• A.Data integrity
• B.Data validation
• C.Authentication
• D.Identification

Comment: *

Name: *

Email: *

Verification: *

You work as a project manager for BlueWell Inc. Management has asked you to work with the key project stakeholder to analyze the risk events you have identified in the project. They would like you to analyze the project risks with a goal of improving the project's performance as a whole. What approach can you use to achieve this goal of improving the project's performance through risk analysis with your project stakeholders?

• A.Involve subject matter experts in the risk analysis activities
• B.Involve the stakeholders for risk identification only in the phases where the project directly affects them
• C.Use qualitative risk analysis to quickly assess the probability and impact of risk events
• D.Focus on the high-priority risks through qualitative risk analysis
• E.Explanation:
  By focusing on the high-priority of risk events through qualitative risk analysis you can improve the project's performance. Qualitative analysis is the definition of risk factors in terms of high/medium/low or a numeric scale (1 to 10). Hence it determines the nature of risk on a relative scale. Some of the qualitative methods of risk analysis are: Scenario analysis- This is a forward-looking process that can reflect risk for a given point in time. Risk Control Self -assessment (RCSA) - RCSA is used by enterprises (like banks) for the identification and evaluation of operational risk exposure. It is a logical first step and assumes that business owners and managers are closest to the issues and have the most expertise as to the source of the risk. RCSA is a constructive process in compelling business owners to contemplate, and then explain, the issues at hand with the added benefit of increasing their accountability.

Comment: *

Name: *

Email: *

Verification: *

It is MOST important for a risk practitioner to have an awareness of an organization's processes in order to:

• A.perform a business impact analysis
• B.establish risk guidelines
• C.understand control design
• D.identify potential sources of risk

Comment: *

Name: *

Email: *

Verification: *

The BEST control to mitigate the risk associated with project scope creep is to:

• A.consult with senior management on a regular basis
• B.apply change management procedures
• C.ensure extensive user involvement
• D.deploy CASE tools in software development

Comment: *

Name: *

Email: *

Verification: *