Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. ISACA
  3. CRISC

ISACA Certified in Risk and Information Systems Control CRISC Exam Questions in PDF

Free ISACA CRISC Dumps Questions (page: 35)

CRISC PDF — 1895 Questions

You are the project manager of HGT project. You are in the first phase of the risk response process and are doing following tasks:
-Communicating risk analysis results
-Reporting risk management activities and the state of compliance Interpreting independent risk assessment findings
-Identifying business opportunities

Which of the following process are you performing?

  1. Articulating risk
  2. Mitigating risk
  3. Tracking risk
  4. Reporting risk

Answer(s): A

Explanation:

Articulating risk is the first phase in the risk response process to ensure that information on the true state of exposures and opportunities are made available in a timely manner and to the right people for appropriate response. Following are the tasks that are involved in articulating risk:
Communicate risk analysis results.
Report risk management activities and the state of compliance. Interpret independent risk assessment findings.
Identify business opportunities.

Incorrect Answers:
B: Risk mitigation attempts to reduce the probability of a risk event and its impacts to an acceptable level. Risk mitigation can utilize various forms of control carefully integrated together. This comes under risk response process and is latter stage after articulating risk.

C: Tracking risk is the process of tracking the ongoing status of risk mitigation processes. This tracking ensures that the risk response strategy remains active and that proposed controls are implemented according to schedule.

D: This is not related to risk response process. It is a type of risk. Reporting risks are the risks that are caused due to wrong reporting which leads to bad decision.



Which of the following BEST measures the operational effectiveness of risk management capabilities?

  1. Capability maturity models (CMMs)
  2. Metric thresholds
  3. Key risk indicators (KRIs)
  4. Key performance indicators (KPIs)

Answer(s): D

Explanation:

Key performance indicators (KPIs) provide insights into the operational effectiveness of the concept or capability that they monitor. Key Performance Indicators is a set of measures that a company or industry uses to measure and/or compare performance in terms of meeting their strategic and operational goals. KPIs vary with company to company, depending on their priorities or performance criteria.

A company must establish its strategic and operational goals and then choose their KPIs which can best reflect those goals. For example, if a software company's goal is to have the fastest growth in its industry, its main performance indicator may be the measure of its annual revenue growth.

Incorrect Answers:
A: Capability maturity models (CMMs) assess the maturity of a concept or capability and do not provide insights into operational effectiveness.

B: Metric thresholds are decision or action points that are enacted when a KPI or KRI reports a specific value or set of values. It does not provide any insights into operational effectiveness.

C: Key risk indicators (KRIs) only provide insights into potential risks that may exist or be realized within a concept or capability that they monitor. Key Risk Indicators are the prime monitoring indicators of the enterprise. KRIs are highly relevant and possess a high probability of predicting or indicating important risk. KRIs help in avoiding excessively large number of risk indicators to manage and report that a large enterprise may have.



You are the project manager of GHT project. You have initiated the project and conducted the feasibility study. What result would you get after conducting feasibility study?
Each correct answer represents a complete solution. (Choose two.)

  1. Recommend alternatives and course of action
  2. Risk response plan
  3. Project management plan
  4. Results of criteria analyzed, like costs, benefits, risk, resources required and organizational impact

Answer(s): A,D

Explanation:

The completed feasibility study results should include a cost/benefit analysis report that:
Provides the results of criteria analyzed (e.g., costs, benefits, risk, resources required and organizational impact)

Recommends one of the alternatives and a course of action

Incorrect Answers:
B, C: Project management plan and risk response plan are the results of plan project management and plan risk response, respectively. They are not the result of feasibility study.



Your project change control board has approved several scope changes that will drastically alter your project plan. You and the project team set about updating the project scope, the WBS, the WBS dictionary, the activity list, and the project network diagram. There are also some changes caused to the project risks, communication, and vendors. What also should the project manager update based on these scope changes?

  1. Stakeholder identification
  2. Vendor selection process
  3. Quality baseline
  4. Process improvement plan

Answer(s): C

Explanation:

When changes enter the project scope, the quality baseline is also updated. The quality baseline records the quality objectives of the project and is based on the project requirements.

Incorrect Answers:
A: The stakeholder identification process will not change because of scope additions. The number of stakeholders may change but how they are identified will not be affected by the scope addition.

B: The vendor selection process likely will not change because of added scope changes. The vendors in the project may, but the selection process will not.

D: The process improvement plan aims to improve the project's processes regardless of scope changes.



You are the risk control professional of your enterprise. You have implemented a tool that correlates information from multiple sources. To which of the following do this monitoring tool focuses?

  1. Transaction data
  2. Process integrity
  3. Configuration settings
  4. System changes

Answer(s): A

Explanation:

Monitoring tools that focuses on transaction data generally correlate information from one system to another, such as employee data from the human resources (HR) system with spending information from the expense system or the payroll system.

Incorrect Answers:
B: Process integrity is confirmed within the system, it does not need monitoring.

C: Configuration settings are generally compared against predefined values and not based on the correlation between multiple sources.

D: System changes are compared from a previous state to the current state, it does not correlate information from multiple sources.



Viewing page 35 of 361

Share your comments for ISACA CRISC exam with other users:

P
Priscila
7/22/2022 9:59:00 AM

i find the xengine test engine simulator to be more fun than reading from pdf.

GERMANY
S
suresh
12/16/2023 10:54:00 PM

nice document

Anonymous
W
Wali
6/4/2023 10:07:00 PM

thank you for making the questions and answers intractive and selectable.

UNITED STATES
N
Nawaz
7/18/2023 1:10:00 AM

answers are correct?

UNITED STATES
D
das
6/23/2023 7:57:00 AM

can i belive this dump

INDIA
S
Sanjay
10/15/2023 1:34:00 PM

great site to practice for sitecore exam

INDIA
J
jaya
12/17/2023 8:36:00 AM

good for students

UNITED STATES
B
Bsmaind
8/20/2023 9:23:00 AM

nice practice dumps

Anonymous
K
kumar
11/15/2023 11:24:00 AM

nokia 4a0-114 dumps

Anonymous
V
Vetri
10/3/2023 12:59:00 AM

great content and wonderful to have the answers with explanation

UNITED STATES
R
Ranjith
8/21/2023 3:39:00 PM

for question #118, the answer is option c. the screen shot is showing the drop down, but the answer is marked incorrectly please update . thanks for sharing such nice questions.

Anonymous
E
Eduardo Ramírez
12/11/2023 9:55:00 PM

the correct answer for the question 29 is d.

Anonymous
D
Dass
11/2/2023 7:43:00 AM

question no 22: correct answers: bc, 1 per session 1 per page 1 per component always

UNITED STATES
R
Reddy
12/14/2023 2:42:00 AM

these are pretty useful

Anonymous
D
Daisy Delgado
1/9/2023 1:05:00 PM

awesome

UNITED STATES
A
Atif
6/13/2023 4:09:00 AM

yes please upload

UNITED STATES
X
Xunil
6/12/2023 3:04:00 PM

great job whoever put this together, for the greater good! thanks!

Anonymous
L
Lakshmi
10/2/2023 5:26:00 AM

just started to view all questions for the exam

NETHERLANDS
R
rani
1/19/2024 11:52:00 AM

helpful material

Anonymous
G
Greg
11/16/2023 6:59:00 AM

hope for the best

UNITED STATES
H
hi
10/5/2023 4:00:00 AM

will post exam has finished

UNITED STATES
V
Vmotu
8/24/2023 11:14:00 AM

really correct and good analyze!

AZERBAIJAN
H
hicham
5/30/2023 8:57:00 AM

excellent thanks a lot

FRANCE
S
Suman C
7/7/2023 8:13:00 AM

will post once pass the cka exam

INDIA
R
Ram
11/3/2023 5:10:00 AM

good content

Anonymous
N
Nagendra Pedipina
7/13/2023 2:12:00 AM

q:32 answer has to be option c

INDIA
T
Tamer Barakat
12/7/2023 5:17:00 PM

nice questions

Anonymous
D
Daryl
8/1/2022 11:33:00 PM

i really like the support team in this website. they are fast in communication and very helpful.

UNITED KINGDOM
C
Curtis Nakawaki
6/29/2023 9:13:00 PM

a good contemporary exam review

UNITED STATES
X
x-men
5/23/2023 1:02:00 AM

q23, its an array, isnt it? starts with [ and end with ]. its an array of objects, not object.

UNITED STATES
A
abuti
7/21/2023 6:24:00 PM

cool very helpfull

Anonymous
K
Krishneel
3/17/2023 10:34:00 AM

i just passed. this exam dumps is the same one from prepaway and examcollection. it has all the real test questions.

INDIA
R
Regor
12/4/2023 2:01:00 PM

is this a valid prince2 practitioner dumps?

UNITED KINGDOM
A
asl
9/14/2023 3:59:00 PM

all are relatable questions

CANADA
AI Tutor 👋 I’m here to help!