Isaca CRISC Practice Questions| TestInsights

Question 1

Which of the following is MOST important to determine as a result of a risk assessment?

AProcess ownership

BRisk appetite statement

CRisk tolerance levels

DRisk response options

Correct : D

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

AProcess ownership

BRisk appetite statement

CRisk tolerance levels

DRisk response options

Question 2

Which of the following is the GREATEST benefit of using IT risk scenarios?

AThey support compliance with regulations.

BThey provide evidence of risk assessment.

CThey facilitate communication of risk.

DThey enable the use of key risk indicators (KRls)

Correct : C

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

AThey support compliance with regulations.

BThey provide evidence of risk assessment.

CThey facilitate communication of risk.

DThey enable the use of key risk indicators (KRls)

Question 3

When implementing an IT risk management program, which of the following is the BEST time to evaluate current control effectiveness?

ABefore defining a framework

BDuring the risk assessment

CWhen evaluating risk response

DWhen updating the risk register

Correct : B

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

ABefore defining a framework

BDuring the risk assessment

CWhen evaluating risk response

DWhen updating the risk register

Question 4

An organization uses one centralized single sign-on (SSO) control to cover many applications. Which of the following is the BEST course of action when a new application is added to the environment after testing of the SSO control has been completed?

AInitiate a retest of the full control

BRetest the control using the new application as the only sample.

CReview the corresponding change control documentation

DRe-evaluate the control during (he next assessment

Correct : A

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

AInitiate a retest of the full control

BRetest the control using the new application as the only sample.

CReview the corresponding change control documentation

DRe-evaluate the control during (he next assessment

Question 5

A recent risk workshop has identified risk owners and responses for newly identified risk scenarios. Which of the following should be the risk practitioner s NEXT step? r

APrepare a business case for the response options.

BIdentify resources for implementing responses.

CDevelop a mechanism for monitoring residual risk.

DUpdate the risk register with the results.

Correct : D

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

APrepare a business case for the response options.

BIdentify resources for implementing responses.

CDevelop a mechanism for monitoring residual risk.

DUpdate the risk register with the results.

Curious about Actual Isaca Certified in Risk and Information Systems Control Exam Questions?

Options Selected by Other Users:

Options Selected by Other Users:

Options Selected by Other Users:

Options Selected by Other Users:

Options Selected by Other Users: