ISACA CRISC Certified in Risk and Information Systems Control Online Training
The questions for CRISC were last updated on Nov 23, 2024.
- Exam Code: CRISC
- Exam Name: Certified in Risk and Information Systems Control
- Certification Provider: ISACA
- Latest update: Nov 23, 2024
Which of the following is the MOST important benefit of key risk indicators (KRIs)?
- A . Assisting in continually optimizing risk governance
- B . Enabling the documentation and analysis of trends
- C . Ensuring compliance with regulatory requirements
- D . Providing an early warning to take proactive actions
Which of the following is the BEST way for a risk practitioner to help management prioritize risk response?
- A . Align business objectives to the risk profile.
- B . Assess risk against business objectives
- C . Implement an organization-specific risk taxonomy.
- D . Explain risk details to management.
Which of the following would provide the BEST guidance when selecting an appropriate risk treatment plan?
- A . Risk mitigation budget
- B . Business impact analysis
- C . Cost-benefit analysis
- D . Return on investment
A systems interruption has been traced to a personal USB device plugged into the corporate network by an IT employee who bypassed internal control procedures.
Of the following, who should be accountable?
- A . Business continuity manager (BCM)
- B . Human resources manager (HRM)
- C . Chief risk officer (CRO)
- D . Chief information officer (CIO)
A web-based service provider with a low risk appetite for system outages is reviewing its current risk profile for online security.
Which of the following observations would be MOST relevant to escalate to senior management?
- A . An increase in attempted distributed denial of service (DDoS) attacks
- B . An increase in attempted website phishing attacks
- C . A decrease in achievement of service level agreements (SLAs)
- D . A decrease in remediated web security vulnerabilities
Which of the following elements of a risk register is MOST likely to change as a result of a change in management’s risk appetite?
- A . Key risk indicator (KRI) thresholds
- B . Inherent risk
- C . Risk likelihood and impact
- D . Risk velocity
Which of the following would be a risk practitioner's BEST recommendation for preventing cyber intrusion?
- A . Establish a cyber response plan
- B . Implement data loss prevention (DLP) tools.
- C . Implement network segregation.
- D . Strengthen vulnerability remediation efforts.
An organization wants to assess the maturity of its internal control environment.
The FIRST step should be to:
- A . validate control process execution.
- B . determine if controls are effective.
- C . identify key process owners.
- D . conduct a baseline assessment.
Which of the following roles would provide the MOST important input when identifying IT risk scenarios?
- A . Information security managers
- B . Internal auditors
- C . Business process owners
- D . Operational risk managers
Which of the following risk register updates is MOST important for senior management to review?
- A . Extending the date of a future action plan by two months
- B . Retiring a risk scenario no longer used
- C . Avoiding a risk that was previously accepted
- D . Changing a risk owner