Which of the following is MOST important to understand when determining an appropriate risk assessment approach?
Correct Answer: A
Question 222
When prioritizing risk response, management should FIRST:
Correct Answer: A
Section: Volume D
Question 223
A risk practitioner is organizing risk awareness training for senior management. Which of the following is the MOST important topic to cover in the training session?
Correct Answer: B
Question 224
Which of the following BEST indicates the effectiveness of anti-malware software?
Correct Answer: A
Question 225
Which of the following processes addresses the risks by their priorities, schedules the project management plan as required, and inserts resources and activities into the budget?
Correct Answer: B
A is incorrect. Monitor and Control Risk is the process of implementing risk response plans, tracking identified risks, monitoring residual risk, identifying new risks, and evaluating risk process effectiveness throughout the project. It can involve choosing alternative strategies, executing a contingency or fallback plan, taking corrective action, and modifying the project management plan. Answer: D is incorrect. Qualitative analysis is the definition of risk factors in terms of high/medium/low or a numeric scale (1 to 10). Hence it determines the nature of risk on a relative scale. Some of the qualitative methods of risk analysis are: Scenario analysis- This is a forward-looking process that can reflect risk for a given point in time. Risk Control Self -assessment (RCSA) - RCSA is used by enterprises (like banks) for the identification and evaluation of operational risk exposure. It is a logical first step and assumes that business owners and managers are closest to the issues and have the most expertise as to the source of the risk. RCSA is a constructive process in compelling business owners to contemplate, and then explain, the issues at hand with the added benefit of increasing their accountability.
