How are the potential choices of risk based decisions are represented in decision tree analysis?
Answer(s): D
The potential choices of risk based decisions are represented in decision tree analysis via. Decision node, as decision nodes refers to the available choices.Incorrect Answers:A: End nodes are the final outcomes of the entire decision tree framework, especially in multilayered decision- making situations.B: Root nodes represent the start of a decision tree.C: Event nodes represents the possible uncertain outcomes of the decision, and not the available choices.
You are the project manager of the HJK Project for your organization. You and the project team have created risk responses for many of the risk events in the project. Where should you document the proposed responses and the current status of all identified risks?
Answer(s): C
Risks and the corresponding responses are documented in the risk register for the project. Risk register is a document that contains the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning. Description, category, cause, probability of occurring, impact on objectives, proposed responses, owner, and the current status of all identified risks are put in the risk register.Incorrect Answers:A: The stakeholder management strategy defines how stakeholders and their threats, perceived threats, opinions, and influence over the project objectives will be addressed and managed.B: The outcome of risk events and the corresponding risk responses may be documented in the project's lessons learned documented, but the best answer is to document the risk responses as part of the risk register.D: The risk management plan defines how risks will be identified and analyzed, the available responses, and the monitoring and controlling of the risk events. The actual risk responses are included in the risk register.
Which is the MOST important parameter while selecting appropriate risk response?
Answer(s): A
The cost of the response, which is applied so as to reduce risk within tolerance levels, is one of the most important parameter. By considering the cost of response, it is decided whether or not benefits of applying response is greater than accepting the risk; and according to this analysis it is decided whether the certain response should be applied or not. For example, if risk transfer response is applied by using insurance, then cost would be the cost of insurance.Incorrect Answers:B: This parameter is considered after analyzing the cost of response, which will further decide the level of sophistication of risk response. The enterprise's capability to implement the response means that if the risk management process is mature then the risk response is moreC: This is one of the parameters that is considered but is not as important as considering cost of response. The importance of the risk is determined by the combination of likelihood and magnitude levels along with its position on the risk map.D: Efficiency of response can only be analyzed after applying the response. So it is the latter stage in selection of response.
You are the project manager of HFD project. You have identified several project risks. You have adopted alternatives to deal with these risks which do not attempt to reduce the probability of a risk event or its impacts. Which of the following response have you implemented?
Contingent response strategy, also known as contingency planning, involves adopting alternatives to deal with the risks in case of their occurrence. Unlike the mitigation planning in which mitigation looks to reduce the probability of the risk and its impact, contingency planning doesn't necessarily attempt to reduce the probability of a risk event or its impacts. Contingency comes into action when the risk event actually occurs.Incorrect Answers:A: Risk acceptance means that no action is taken relative to a particular risk; loss is accepted if it occurs. If an enterprise adopts a risk acceptance, it should carefully consider who can accept the risk. Risk should be accepted only by senior management in relationship with senior management and the board. There are two alternatives to the acceptance strategy, passive and active.Passive acceptance means that enterprise has made no plan to avoid or mitigate the risk but willing to accept the consequences of the risk.Active acceptance is the second strategy and might include developing contingency plans and reserves to deal with risks.B: Risk mitigation attempts to reduce the probability of a risk event and its impacts to an acceptable level. Risk mitigation can utilize various forms of control carefully integrated together. The main control types are:Managerial(e.g.,policies)Technical (e.g., tools such as firewalls and intrusion detection systems) Operational (e.g., procedures, separation of duties)Preparedness activitiesC: Risk avoidance means to evade risk altogether, eliminate the cause of the risk event, or change the project plan to protect the project objectives from the risk event.
In which of the following risk management capability maturity levels risk appetite and tolerance are applied only during episodic risk assessments?
An enterprise's risk management capability maturity level is 1 when:There is an understanding that risk is important and needs to be managed, but it is viewed as a technical issue and the business primarily considers the downside of IT risk.Any risk identification criteria vary widely across the enterprise.Risk appetite and tolerance are applied only during episodic risk assessments. Enterprise risk policies and standards are incomplete and/or reflect only external requirements and lack defensible rationale and enforcement mechanisms.Risk management skills exist on an ad hoc basis, but are not actively developed.Ad hoc inventories of controls that are unrelated to risk are dispersed across desktop applications.Incorrect Answers:A: In level 3 of risk management capability maturity model, local tolerances drive the enterprise risk tolerance.B: In level 2 of risk management capability maturity model, risk tolerance is set locally and may be difficult to aggregate.C: In level 4 of risk management capability maturity model, business risk tolerance is reflected by enterprise policies and standards reflect.
Share your comments for ISACA CRISC exam with other users:
please upload it
does anybody know if are these real exam questions?
are these questions similar to actual questions in the exam? because they seem to be too easy
i have a lot of experience but what comes in the exam is totally different from the practical day to day tasks. so i thought i would rather rely on these brain dumps rather failing the exam.
good questions
valied exam dumps. they were very helpful and i got a pretty good score. i am very grateful for this service and exam questions
will it help?
very useful to verify knowledge before exam
good stuffs
question 17 : responses arent b and c ?
just passed the exam on my first try using these dumps.
very helpful
these questions look good.
this is very helpful content
please provide the dumps
it is amazing
quesion 178 about "a banking system that predicts whether a loan will be repaid is an example of the" the answer is classification. not regresion, you should fix it.
please upload apache spark dumps
q14 is b&c to reduce you will switch off mail for every single alert and you will switch on daily digest to get a mail once per day, you might even skip the empty digest mail but i see this as a part of the daily digest adjustment
i think it is good question
good for students who wish to give certification.
is there a google drive link to the images? the links in questions are not working.
very promising, looks great, so much wow!
i scored 87% on the az-204 exam. thanks! i always trust
good need more
sample questions seems good
huawei is ok
good one nice
please continue
this exam dumps just did the job. i donot want to ruffle your feathers but your exam dumps and mock test engine is amazing.
nice questions
the explanation are really helpful
just passed my exam yesterday on my first attempt. these dumps were extremely helpful in passing first time. the questions were very, very similar to these questions!
cosmos db is paas not saas