CRISC exam

Which of the following is the BEST way to ensure that outsourced service providers comply with the enterprise's information security policy?A . Penetration testingB . Service level monitoringC . Security awareness trainingD . Periodic auditsView AnswerAnswer: D Explanation: As regular audits can spot gaps in information security compliance, periodic audits...

What are the requirements of monitoring risk? Each correct answer represents a part of the solution. Choose three.A . Information of various stakeholdersB . Preparation of detailed monitoring planC . Identifying the risk to be monitoredD . Defining the project's scopeView AnswerAnswer: BCD Explanation: It is important to first understand...

Which of the following is true for Cost Performance Index (CPI)?A . If the CPI > 1, it indicates better than expected performance of projectB . CPI = Earned Value (EV) * Actual Cost (AC)C . It is used to measure performance of scheduleD . If the CPI = 1,...

Harry is the project manager of HDW project. He has identified a risk that could injure project team members. He does not want to accept any risk where someone could become injured on this project so he hires a professional vendor to complete this portion of the project work. What...

Which of the following risks is the risk that happen with an important business partner and affects a large group of enterprises within an area or industry?A . Contagious riskB . Reporting riskC . Operational riskD . Systemic riskView AnswerAnswer: D Explanation: Systemic risks are those risks that happen with...

Which of following is NOT used for measurement of Critical Success Factors of the project?A . ProductivityB . QualityC . QuantityD . Customer serviceView AnswerAnswer: C Explanation: Incorrect Answers: A, B, D: Productivity, quality and customer service are used for evaluating critical service factor of any particular project.

Ben works as a project manager for the MJH Project. In this project, Ben is preparing to identify stakeholders so he can communicate project requirements, status, and risks. Ben has elected to use a salience model as part of his stakeholder identification process. Which of the following activities best describes...

Which of the following events refer to loss of integrity? Each correct answer represents a complete solution. Choose three.A . Someone sees company's secret formulaB . Someone makes unauthorized changes to a Web siteC . An e-mail message is modified in transitD . A virus infects a fileView AnswerAnswer: BCD...

You are the project manager of GHT project. Your hardware vendor left you a voicemail saying that the delivery of the equipment you have ordered would not arrive on time. She wanted to give you a heads-up and asked that you return the call. Which of the following statements is...

You are the project manager of the NHH Project. You are working with the project team to create a plan to document the procedures to manage risks throughout the project. This document will define how risks will be identified and quantified. It will also define how contingency plans will be...