Which of the following is true for risk evaluation?
Answer(s): C
Due to the reason that risk is constantly changing, it is being evaluated annually or when there is significant change. This gives best alternative as it takes into consideration a reasonable time frame of one year, and meanwhile it also addresses significant changes (if any).Incorrect Answers:A: Evaluating risk only when there are significant changes do not take into consideration the effect of time. As the risk is changing constantly, small changes do occur with time that would affect the overall risk. Hence risk evaluation should be done annually too.B: Evaluating risk once a year is not sufficient in the case when some significant change takes place. This significant change should be taken into account as it affects the overall risk.D: Risk evaluation need not to be done every four to six months for critical processes, as it does not address important changes in timely manner.
You work as a project manager for Bluewell Inc. You have identified a project risk. You have then implemented the risk action plan and it turn out to be non-effective. What type of plan you should implement in such case?
Answer(s): B
A risk fallback plan is a proper plan devised to identify definite action to be taken if the risk action plan (Risk Mitigation Plan) is not helpful. Fallback plan is important in Risk Response Planning. If the contingency plan for a risk is not successful, then the project team implements the fallback plan. Fall-back planning is intended for a known and specific activity that may perhaps fail to produce desired outcome. It is related with technical procedures and with the responsibility of the technical lead.Incorrect Answers:A, C, D: These all choices itself comes under risk action plan. As in the described scenario, risk action plan is not turned to be effective, these should not be implemented again.
You are completing the qualitative risk analysis process with your project team and are relying on the risk management plan to help you determine the budget, schedule for risk management, and risk categories. You discover that the risk categories have not been created. When the risk categories should have been created?
The plan risk management process is when risk categories were to be defined. If they were not defined, as in this scenario, it is acceptable to define the categories as part of the qualitative risk analysis process.Plan risk management is the process of defining the way to conduct the risk management activities. Planning is essential for providing sufficient resources and time for risk management activities, and to establish an agreed- upon basis of evaluating risks. This process should start as soon as project is conceived and should be completed early during project planning. Incorrect Answers:A: Risk categories are not defined through the define scope process.B: Risk categories are not defined through the risk identification process.D: Risk categories are not defined through the create work breakdown structure process.
You work as a project manager for BlueWell Inc. You have declined a proposed change request because of the risk associated with the proposed change request. Where should the declined change request be documented and stored?
Answer(s): A
The change request log records the status of all change requests, approved or declined.The change request log is used as an account for change requests and as a means of tracking their disposition on a current basis. The change request log develops a measure of consistency into the change management process. It encourages common inputs into the process and is a common estimation approach for all change requests. As the log is an important component of project requirements, it should be readily available to the project team members responsible for project delivery. It should be maintained in a file with read-only access to those who are not responsible for approving or disapproving project change requests.Incorrect Answers:B: The project archive includes all project documentation and is created through the close project or phase process. It is not the best choice for this option.C: Lessons learned are not the correct place to document the status of a declined, or approved, change request.D: The project document updates is not the best choice for this question. It can be placed into the project documents, but the declined changes are part of the change request log.
Capability maturity models are the models that are used by the enterprise to rate itself in terms of the least mature level to the most mature level. Which of the following capability maturity levels shows that the enterprise does not recognize the need to consider the risk management or the business impact from IT risk?
0 nonexistent: An enterprise's risk management capability maturity level is 0 when:The enterprise does not recognize the need to consider the risk management or the business impact from IT risk.Decisions involving risk lack credible information.Awareness of external requirements for risk management and integration with enterprise risk management (ERM) do not exists.Incorrect Answers:A, C, D: These all are higher levels of capability maturity model and in this enterprise is mature enough to recognize the importance of risk management.
Share your comments for ISACA CRISC exam with other users:
please provide me the dump
i failed the cisa exam today. but i have found all the questions that were on the exam to be on this site.
in question 272 the right answer states that an autonomous acces point is "configured and managed by the wlc" but this is not what i have learned in my ccna course. is this a mistake? i understand that lightweight aps are managed by wlc while autonomous work as standalones on the wlan.
it was helpful
good question
really nice
please i need dumps for isc2 cybersecuity
ans is coldline i think
very helpful
can you please provide dumps so that it helps me more
thank you for providing me with the updated question and answers. this version has all the questions from the exam. i just saw them in my exam this morning. i passed my exam today.
how i can see exam questions?
can you please upload please?
question 75: option c is correct answer
please add this exam
please upoad
has anyone recently attended safe 6.0 certification? is it the samq question from here.
expository experience
52 should be b&c. controller failure has nothing to do with this type of issue. degraded state tells us its a raid issue, and if the os is missing then the bootable device isnt found. the only other consideration could be data loss but thats somewhat broad whereas b&c show understanding of the specific issues the question is asking about.
great help!!!
very useful tools
looks a good platform to prepare az-104
want to pass the exam
good resource
question 11 : d
only the free dumps will be enough for pass, or have to purchase the premium one. please suggest.
good questions. thanks.
good for practice.
great case study
the questions in this exam dumps is valid. i passed my test last monday. i only whish they had their pricing in inr instead of usd. but it is still worth it.
q40 the answer is not d, why are you giving incorrect answers? snapshot consolidation is used to merge the snapshot delta disk files to the vm base disk
thanks, very relevant
wrong answer. it is true not false.
please i need the mo-100 questions