An organization is considering allowing users to access company data from their personal devices. Which of the following is the MOST important factor when assessing the risk?

• A.Volume of data
• B.Type of device
• C.Remote management capabilities
• D.Classification of the data

Comment: *

Name: *

Email: *

Verification: *

You work as a Project Manager for Company Inc. You have to conduct the risk management activities for a project. Which of the following inputs will you use in the plan risk management process?
Each correct answer represents a complete solution. Choose all that apply.

• A.Quality management plan
• B.Schedule management plan
• C.Cost management plan
• D.Project scope statement

Correct Answer: B,C,D

Explanation/Reference:
Explanation:
The inputs to the plan risk management process are as follows:
Project scope statement: It provides a clear sense of the range of possibilities associated with the

project and establishes the framework for how significant the risk management effort may become.
Cost management plan: It describes how risk budgets, contingencies, and management reserves will

be reported and accessed.
Schedule management plan: It describes how the schedule contingencies will be reported and

assessed.
Communication management plan: It describes the interactions, which occurs on the project and

determines who will be available to share information on various risks and responses at different times.
Enterprise environmental factors: It include, but are not limited to, risk attitudes and tolerances that

describe the degree of risk that an organization withstand.
Organizational process assets: It includes, but are not limited to, risk categories, risk statement formats,

standard templates, roles and responsibilities, authority levels for decision-making, lessons learned, and stakeholder registers.
Incorrect Answers:
A: It is not an input for Plan risk management process.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the FIRST step when conducting a business impact analysis (BIA)?

• A.Creating a data classification scheme
• B.Analyzing previous risk assessment results
• C.Identifying events impacting continuity of operations;
• D.Identifying critical information assets

Comment: *

Name: *

Email: *

Verification: *

IT stakeholders have asked a risk practitioner for IT risk profile reports associated with specific departments to allocate resources for risk mitigation. The BEST way to address this request would be to use:

• A.key risk indicators (KRls).
• B.information from the risk register.
• C.historical risk assessments.
• D.the cost associated with each control.

Comment: *

Name: *

Email: *

Verification: *

Which of the following would be of GREATEST concern regarding an organization's asset management?

• A.Incomplete asset inventory
• B.Lack of a mature records management program
• C.Decentralized asset lists
• D.Lack of a dedicated asset management team

Comment: *

Name: *

Email: *

Verification: *