Which of the following will BEST help to ensure that information system controls are effective?

• A.Testing controls periodically
• B.Responding promptly to control exceptions
• C.Automating manual controls
• D.Implementing compensating controls

Comment: *

Name: *

Email: *

Verification: *

You are the risk professional of your enterprise. You have performed cost and benefit analysis of control that you have adopted. What are all the benefits of performing cost and benefit analysis of control? Each correct answer represents a complete solution. Choose three.

• A.It helps in determination of the cost of protecting what is important
• B.It helps in taking risk response decisions
• C.It helps in providing a monetary impact view of risk
• D.It helps making smart choices based on potential risk mitigation costs and losses

Comment: *

Name: *

Email: *

Verification: *

What is the IMMEDIATE step after defining set of risk scenarios?

• A.Risk mitigation
• B.Risk monitoring
• C.Risk management
• D.Risk analysis

Comment: *

Name: *

Email: *

Verification: *

Which of the following would BEST help identify the owner for each risk scenario in a risk register?

• A.Allocating responsibility for risk factors equally to asset owners.
• B.Determining resource dependency of assets.
• C.Mapping identified risk factors to specific business processes.
• D.Determining which departments contribute most to risk.

Comment: *

Name: *

Email: *

Verification: *

Which of the following aspects of an IT risk and control self-assessment would be MOST important to include in a report to senior management?

• A.A decrease in the number of key controls
• B.Changes in control design
• C.Changes in control ownership
• D.An increase in residual risk

Comment: *

Name: *

Email: *

Verification: *