To which level the risk should be reduced to accomplish the objective of risk management?
Answer(s): C
The main objective of risk management is to reduce risk to a level that the organization or company will accept, as the risk can never be completely eliminated.Incorrect Answers:A, B: There are no such concepts existing in manipulating risk level.D: Risk mitigation involves identification, planning, and conduct of actions for reducing risk. Because the elimination of all risk is usually impractical or close to impossible, it is aimed at reducing risk to an acceptable level with minimal adverse impact on the organization's resources and mission.
You are the project manager of GHT project. Your hardware vendor left you a voicemail saying that the delivery of the equipment you have ordered would not arrive on time. You identified a risk response strategy for this risk and have arranged for a local company to lease you the needed equipment until yours arrives. This is an example of which risk response strategy?
Answer(s): D
Mitigation attempts to reduce the impact of a risk event in case it occurs. Making plans to arrange for the leased equipment reduces the consequences of the risk and hence this response in mitigation.B: Risk transfer means that impact of risk is reduced by transferring or otherwise sharing a portion of the risk with an external organization or another internal entity. Transfer of risk can occur in many forms but is most effective when dealing with financial risks. Insurance is one form of risk transfer.Here there no such action is taken, hence it is not a risk transfer.Incorrect Answers:A: Risk avoidance means to evade risk altogether, eliminate the cause of the risk event, or change the project plan to protect the project objectives from the risk event. Risk avoidance is applied when the level of risk, even after the applying controls, would be greater than the risk tolerance level of the enterprise. Hence this risk response is adopted when:There is no other cost-effective response that can successfully reduce the likelihood and magnitude below the defined thresholds for risk appetite.The risk cannot be shared or transferred.The risk is deemed unacceptable by management.C: Risk acceptance means that no action is taken relative to a particular risk; loss is accepted if it occurs. If an enterprise adopts a risk acceptance, it should carefully consider who can accept the risk. Risk should be accepted only by senior management in relationship with senior management and the board. There are two alternatives to the acceptance strategy, passive and active.Passive acceptance means that enterprise has made no plan to avoid or mitigate the risk but willing to accept the consequences of the risk.Active acceptance is the second strategy and might include developing contingency plans and reserves to deal with risks.
Who is at the BEST authority to develop the priorities and identify what risks and impacts would occur if there were loss of the organization's private information?
You are the project manager for TTP project. You are in the Identify Risks process. You have to create the risk register. Which of the following are included in the risk register?Each correct answer represents a complete solution. (Choose two.)
Answer(s): A,D
Risk register primarily contains the following:List of identified risks: A reasonable description of the identified risks is noted in the risk register. The description includes event, cause, effect, impact related to the risks identified. In addition to the list of identified risks, the root causes of those risks may appear in the risk register.List of potential responses: Potential responses to a risk may be identified during the Identify Risks process. These responses are useful as inputs to the Plan Risk Responses process.Incorrect Answers:B: This is not a valid content of risk register.A risk register is an inventory of risks and exposure associated with those risks. Risks are commonly found in project management practices, and provide information to identify, analyze, and manage risks. Typically a risk register contains:A description of the riskThe impact should this event actually occur The probability of its occurrenceRisk Score (the multiplication of Probability and Impact)A summary of the planned response should the event occurA summary of the mitigation (the actions taken in advance to reduce the probability and/or impact of the event)Ranking of risks by Risk Score so as to highlight the highest priority risks to all involved.C: Risk register do contain the summary of mitigation, but only after the applying risk response. Here in this scenario you are in risk identification phase, hence mitigation techniques cannot be documented at this situation.
You work as a project manager for BlueWell Inc. You are about to complete the quantitative risk analysis process for your project. You can use three available tools and techniques to complete this process. Which one of the following is NOT a tool or technique that is appropriate for the quantitative risk analysis process?
Organizational process asset is not a tool and technique, but an input to the quantitative risk analysis process. Quantitative Risk Analysis is a process to assess the probability of achieving particular project objectives, to quantify the effect of risks on the whole project objective, and to prioritize the risks based on the impact to overall project risk. Quantitative Risk Analysis process analyzes the affect of a risk event deriving a numerical value. It also presents a quantitative approach to build decisions in the presence of uncertainty. The inputs for Quantitative Risk Analysis are: Organizational process assets Project Scope StatementRisk Management Plan Risk RegisterProject Management PlanIncorrect Answers:A: Data gathering and representation technique is a tool and technique for the quantitative risk analysis process.B: Expert judgment is a tool and technique for the quantitative risk analysis process.C: Quantitative risk analysis and modeling techniques is a tool and technique for the quantitative risk analysis process.
Share your comments for ISACA CRISC exam with other users:
any recent feeedback?
question number 2 is indicating you are giving proper questions. observe and change properly.
passed today.40% questions were new.litwere case study,lots of new questions on afd,ratelimit,tm,lb,app gatway.got 2 set series of questions which are not present here.questions on azure cyclecloud, no.of vnet/vms required for implimentation,blueprints assignment/management group etc
practice test
want the dumps for emc content management server programming(cmsp)
brilliant and helpful
q75. azure files is pass
very helpful
thank you for these questions. it helped a lot.
how do i get the h12-724 dumps
nice data dumps
answers are correct
good explanation
hi team just want to know if there is any update version of the exam 350-401
helpful on 2017 scrum guide
planning to attempt for the exam.
pleaseee upload
thanks ly so i have information cia
hello team, i need sap qm dumps for practice
it’s good but not senatios based
q.119 - the correct answer is b - they are not captured in an update set as theyre data.
good matter
please upload c_sacp_2308
please upload the dump. thanks very much !!
good questions
hi, could you please update the latest dump version
this question is keep repeat : you are developing a sales application that will contain several azure cloud services and handle different components of a transaction. different cloud services will process customer orders, billing, payment, inventory, and shipping. you need to recommend a solution to enable the cloud services to asynchronously communicate transaction information by using xml messages. what should you include in the recommendation?
great questions
its realy good
oracle 1z0-1059-22 dumps
please share me the pdf..
q50: which two functions can be used by an end user when pivoting an interactive report? the correct answer is a, c because we do not have rank in the function pivoting you can check in the apex app
best to practice
so far it is good