The acceptance of control costs that exceed risk exposure is MOST likely an example of:

• A.low risk tolerance.
• B.corporate culture alignment.
• C.high risk tolerance
• D.corporate culture misalignment.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST indicator of the effectiveness of a control monitoring program?

• A.Time between control failure and failure detection
• B.Number of key controls as a percentage of total control count
• C.Time spent on internal control assessment reviews
• D.Number of internal control failures within the measurement period

Comment: *

Name: *

Email: *

Verification: *

In which of the following risk management capability maturity levels does the enterprise takes major business decisions considering the probability of loss and the probability of reward? Each correct answer represents a complete solution. Choose two.

• A.Level 0
• B.Level 2
• C.Level 5
• D.Level 4

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST way to ensure that outsourced service providers comply with the enterprise's information security policy?

• A.Penetration testing
• B.Service level monitoring
• C.Security awareness training
• D.Periodic audits

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be considered FIRST when assessing risk associated with the adoption of emerging technologies?

• A.Cost-benefit analysis
• B.Control self-assessment (CSA)
• C.Business requirements
• D.Organizational strategy

Comment: *

Name: *

Email: *

Verification: *