Which of the following is the MOST critical element to maximize the potential for a successful security implementation?

• A.industry-leading security tools
• B.The organization's culture
• C.Ease of implementation
• D.The organization's knowledge

Comment: *

Name: *

Email: *

Verification: *

Suppose you are working in Company Inc. and you are using risk scenarios for estimating the likelihood and impact of the significant risks on this organization. Which of the following assessment are you doing?

• A.IT security assessment
• B.IT audit
• C.Threat and vulnerability assessment
• D.Risk assessment

Comment: *

Name: *

Email: *

Verification: *

Which of the following would MOST likely result in updates to an IT risk appetite statement?

• A.Feedback from focus groups
• B.Changes in senior management
• C.Self-assessment reports
• D.External audit findings

Comment: *

Name: *

Email: *

Verification: *

You are working on a project in an enterprise. Some part of your project requires e-commerce, but your enterprise choose not to engage in e-commerce. This scenario is demonstrating which of the following form?

• A.risk avoidance
• B.risk treatment
• C.risk acceptance
• D.risk transfer
• E.Explanation:
  Each business process involves inherent risk. Not engaging in any activity avoids the inherent risk associated with the activity. Hence this demonstrates risk avoidance.

Comment: *

Name: *

Email: *

Verification: *

Of the following, who is accountable for ensuing the effectiveness of a control to mitigate risk?

• A.Risk treatment owner
• B.Risk manager
• C.Control operator
• D.Control owner

Comment: *

Name: *

Email: *

Verification: *