Which of the following is the PRIMARY reason to adopt key control indicators (KCIs) in the risk monitoring and reporting process?

• A.To provide assurance of adherence to risk management policies
• B.To provide assessments of mitigation effectiveness
• C.To provide measurements on the potential for risk to occur
• D.To provide data for establishing the risk profile

Comment: *

Name: *

Email: *

Verification: *

Which of the following would provide the MOST useful input when evaluating the appropriateness of risk responses?

• A.Risk tolerance
• B.Cost-benefit analysis
• C.Incident reports
• D.Control objectives

Comment: *

Name: *

Email: *

Verification: *

Accountability for a particular risk is BEST represented in a:

• A.risk register.
• B.RACI matrix.
• C.risk catalog.
• D.risk scenario.

Comment: *

Name: *

Email: *

Verification: *

You are the risk professional of your enterprise. Your enterprise has introduced new systems in many departments. The business requirements that were to be addressed by the new system are still unfulfilled, and the process has been a waste of resources. Even if the system is implemented, it will most likely be underutilized and not maintained making it obsolete in a short period of time. What kind of risk is it?

• A.Inherent risk
• B.Business risk
• C.Project risk
• D.Residual risk

Comment: *

Name: *

Email: *

Verification: *

Periodically reviewing and updating a risk register with details on identified risk factors PRIMARILY helps to:

• A.minimize the number of risk scenarios for risk assessment.
• B.build a threat profile of the organization for management review.
• C.provide a current reference to stakeholders for risk-based decisions.
• D.aggregate risk scenarios identified across different business units.

Comment: *

Name: *

Email: *

Verification: *