You are the risk professional of your enterprise. Your enterprise has introduced new systems in many departments. The business requirements that were to be addressed by the new system are still unfulfilled, and the process has been a waste of resources. Even if the system is implemented, it will most likely be underutilized and not maintained making it obsolete in a short period of time. What kind of risk is it?

• A.Inherent risk
• B.Business risk
• C.Project risk
• D.Residual risk
• E.Explanation:
  Business risk relates to the likelihood that the new system may not meet the user business needs,
  requirements and expectations. Here in this stem it is said that the business requirements that
  were to be addressed by the new system are still unfulfilled, therefore it is a business risk.
• F.is incorrect. This is one of the components of risk. Inherent risk is the risk level or
  exposure without applying controls or other management actions into account.
  But here in this stem no description of control is given, hence it cannot be concluded whether it is
  a inherent risk or not.
• G.is incorrect. Project risk are related to the delay in project deliverables. The project
  activities to design and develop the system exceed the limits of the financial resources set aside
  for the project. As a result, the project completion will be delayed.
  They are not related to fulfillment of business requirements.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST important to include in a Software as a Service (SaaS) vendor agreement?

• A.A requirement to adopt an established risk management framework
• B.A requirement to provide an independent audit report
• C.A service level agreement (SLA)
• D.An annual contract review

Comment: *

Name: *

Email: *

Verification: *

In which of the following risk management capability maturity levels does the enterprise takes major business decisions considering the probability of loss and the probability of reward? Each correct answer represents a complete solution. Choose two.

• A.Level 0
• B.Level 2
• C.Level 5
• D.Level 4

Comment: *

Name: *

Email: *

Verification: *

You are the project manager of GHT project. You have initiated the project and conducted the feasibility study. What result would you get after conducting feasibility study?
Each correct answer represents a complete solution. Choose all that apply.

• A.Recommend alternatives and course of action
• B.Risk response plan
• C.Project management plan
• D.Results of criteria analyzed, like costs, benefits, risk, resources required and organizational impact

Correct Answer: A,D

Explanation/Reference:
Explanation:
The completed feasibility study results should include a cost/benefit analysis report that:
Provides the results of criteria analyzed (e.g., costs, benefits, risk, resources required and

organizational impact)
Recommends one of the alternatives and a course of action

Incorrect Answers:
B, C: Project management plan and risk response plan are the results of plan project management and plan risk response, respectively. They are not the result of feasibility study.

Comment: *

Name: *

Email: *

Verification: *

What are the responsibilities of the CRO?
Each correct answer represents a complete solution. Choose three.

• A.Managing the supporting risk management function
• B.Managing the risk assessment process
• C.Advising Board of Directors
• D.Implement corrective actions

Comment: *

Name: *

Email: *

Verification: *