CRISC exam

You are the project manager of a large construction project. This project will last for 18 months and will cost $750,000 to complete. You are working with your project team, experts, and stakeholders to identify risks within the project before the project work begins. Management wants to know why you...

You and your project team are identifying the risks that may exist within your project. Some of the risks are small risks that won't affect your project much if they happen. What should you do with these identified risk events?A . These risks can be dismissed.B . These risks can...

You work as the project manager for Bluewell Inc. Your project has several risks that will affect several stakeholder requirements. Which project management plan will define who will be available to share information on the project risks?A . Risk Management PlanB . Stakeholder management strategyC . Communications Management PlanD ....

You are the project manager of a HGT project that has recently finished the final compilation process. The project customer has signed off on the project completion and you have to do few administrative closure activities. In the project, there were several large risks that could have wrecked the project...

You have been assigned as the Project Manager for a new project that involves development of a new interface for your existing time management system. You have completed identifying all possible risks along with the stakeholders and team and have calculated the probability and impact of these risks. Which of...

For which of the following risk management capability maturity levels do the statement given below is true? "Real-time monitoring of risk events and control exceptions exists, as does automation of policy management"A . Level 3B . Level 0C . Level 5D . Level 2View AnswerAnswer: C Explanation: An enterprise's risk...

Which of the following BEST describes the utility of a risk?A . The finance incentive behind the riskB . The potential opportunity of the riskC . The mechanics of how a risk worksD . The usefulness of the risk to individuals or groupsView AnswerAnswer: D Explanation: The utility of the...

Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?A . Risk transferB . Risk acceptanceC . Risk avoidanceD . Risk mitigationView...

Which of the following is the BEST way to ensure that outsourced service providers comply with the enterprise's information security policy?A . Penetration testingB . Service level monitoringC . Security awareness trainingD . Periodic auditsView AnswerAnswer: D Explanation: As regular audits can spot gaps in information security compliance, periodic audits...

You are the project manager of GHT project. You have planned the risk response process and now you are about to implement various controls. What you should do before relying on any of the controls?A . Review performance dataB . Discover risk exposureC . Conduct pilot testingD . Articulate riskView...