An organization has decided to implement a new Internet of Things (loT) solution. Which of the following should be done FIRST when addressing security concerns associated with this new technology?

• A.Develop new loT risk scenarios.
• B.Engage external security reviews.
• C.Implement loT device monitoring software.
• D.Introduce controls to the new threat environment.

Comment: *

Name: *

Email: *

Verification: *

What should be considered while developing obscure risk scenarios?
Each correct answer represents a part of the solution. Choose two.

• A.Visibility
• B.Controls
• C.Assessment methods
• D.Recognition

Correct Answer: A,D

Explanation/Reference:
Explanation:
The enterprise must consider risk that has not yet occurred and should develop scenarios around unlikely, obscure or non-historical events.
Such scenarios can be developed by considering two things:
Visibility

Recognition

For the fulfillment of this task enterprise must:
Be in a position that it can observe anything going wrong

Have the capability to recognize an observed event as something wrong

Comment: *

Name: *

Email: *

Verification: *

What are the responsibilities of the CRO?
Each correct answer represents a complete solution. Choose three.

• A.Managing the risk assessment process
• B.Implement corrective actions
• C.Advising Board of Directors
• D.Managing the supporting risk management function

Comment: *

Name: *

Email: *

Verification: *

You are the project manager of a SGT project. You have been actively communicating and working with the project stakeholders. One of the outputs of the "manage stakeholder expectations" process can actually create new risk events for your project. Which output of the manage stakeholder expectations process can create risks?

• A.Project management plan updates
• B.An organizational process asset updates
• C.Change requests
• D.Project document updates
• E.Explanation:
  The manage stakeholder expectations process can create change requests for the project, which
  can cause new risk events to enter into the project.
  Change requests are requests to expand or reduce the project scope, modify policies, processes,
  plans, or procedures, modify costs or budgets or revise schedules. These requests for a change
  can be direct or indirect, externally or internally initiated, and legally or contractually imposed or
  optional. A Project Manager needs to ensure that only formally documented requested changes
  are processed and
  only approved change requests are implemented.
• F.is incorrect. The project management plan updates do not create new risks.
• G.is incorrect. The project document updates do not create new risks.

Comment: *

Name: *

Email: *

Verification: *

You are an experienced Project Manager that has been entrusted with a project to develop a machine which produces auto components. You have scheduled meetings with the project team and the key stakeholders to identify the risks for your project. Which of the following is a key output of this process?

• A.Risk Register
• B.Risk Management Plan
• C.Risk Breakdown Structure
• D.Risk Categories
• E.Explanation:
  The primary outputs from Identify Risks are the initial entries into the risk register. The risk register ultimately contains the outcomes of other risk management processes as they are conducted, resulting in an increase in the level and type of information contained in the risk register over time.

Comment: *

Name: *

Email: *

Verification: *