ISACA Certified in Risk and Information Systems Control CRISC Dumps in PDF

Free ISACA CRISC Real Questions (page: 69)

You are the project manager of GHT project. A stakeholder of this project requested a change request in this project. What are your responsibilities as the project manager that you should do in order to approve this change request?
Each correct answer represents a complete solution. Choose two.

  1. Archive copies of all change requests in the project file.
  2. Evaluate the change request on behalf of the sponsor
  3. Judge the impact of each change request on project activities, schedule and budget.
  4. Formally accept the updated project plan

Answer(s): A,C

Explanation:

Project manager responsibilities related to the change request approval process is judging the impact of each change request on project activities, schedule and budget, and also archiving copies of all change requests in the project file.

Incorrect Answers:
B: This is the responsibility of Change advisory board.

D: Pm has not the authority to formally accept the updated project plan. This is done by project sponsors so as to approve the change request.



Natural disaster is BEST associated to which of the following types of risk?

  1. Short-term
  2. Long-term
  3. Discontinuous
  4. Large impact

Answer(s): C

Explanation:

Natural disaster can be a long-term or short-term and can have large or small impact on the company. However, as the natural disasters are unpredictable and infrequent, they are best considered as discontinuous.

Incorrect Answers:
A: Natural disaster can be a short-term, but it is not the best answer. B: Natural disaster can be a long-term, but it is not the best answer.
D: Natural disaster can be of large impact depending upon its nature, but it is not the best answer.



Which of the following controls focuses on operational efficiency in a functional area sticking to management policies?

  1. Internal accounting control
  2. Detective control
  3. Administrative control
  4. Operational control

Answer(s): C

Explanation:

Administrative control is one of the objectives of internal control and is concerned with ensuring efficiency and compliance with management policies.

Incorrect Answers:
A: It controls accounting operations, including safeguarding assets and financial records.

B: Detective control simply detects and reports on the occurrence of an error, omission or malicious act.

D: It focuses on day-to-day operations, functions, and activities. It also ensures that all the organization's objectives are being accomplished.



You are the project manager of HJT project. You want to measure the operational effectiveness of risk management capabilities. Which of the following is the BEST option to measure the operational effectiveness?

  1. Key risk indicators
  2. Capability maturity models
  3. Key performance indicators
  4. Metric thresholds

Answer(s): C

Explanation:

Key performance indicators are a set of quantifiable measures that a company or industry uses to gauge or compare performance in terms of meeting their strategic and operational goals. Key performance indicators (KPIs) provide insights into the operational effectiveness of the concept or capability that they monitor.

Incorrect Answers:
A: Key risk Indicators (KRIs) only provide insights into potential risks that may exist or be realized within a concept or capability that they monitor.

B: Capability maturity models (CMMs) assess the maturity of a concept or capability and do not provide insights into operational effectiveness.

D: Metric thresholds are decision or action points that are enacted when a KPI or KRI reports a specific value or set of values.



What are the functions of the auditor while analyzing risk?
Each correct answer represents a complete solution. Choose three.

  1. Aids in determining audit objectives
  2. Identify threats and vulnerabilities to the information system
  3. Provide information for evaluation of controls in audit planning
  4. Supporting decision based on risks

Answer(s): A,C,D

Explanation:

A risk analysis involves identifying the most probable threats to an organization and analyzing the related vulnerabilities of the organization to these threats. A risk from an organizational perspective consists of:
Threats to various processes of organization. Threats to physical and information assets. Likelihood and frequency of occurrence from threat. Impact on assets from threat and vulnerability.
Risk analysis allows the auditor to do the following tasks :
Threats to various processes of organization. Threats to physical and information assets. Likelihood and frequency of occurrence from threat. Impact on assets from threat and vulnerability.
Risk analysis allows the auditor to do the following tasks :
Identify threats and vulnerabilities to the enterprise and its information system. Provide information for evaluation of controls in audit planning.
Aids in determining audit objectives. Supporting decision based on risks.

Incorrect Answers:
B: Auditors identify threats and vulnerability not only in the IT but the whole enterprise as well.



Share your comments for ISACA CRISC exam with other users:

M
MortonG
10/19/2023 6:32:00 PM

question: 128 d is the wrong answer...should be c

J
Jayant
11/2/2023 3:15:00 AM

thanks for az 700 dumps

B
Bipul Mishra
12/14/2023 7:12:00 AM

thank you for this tableau dumps . it will helpfull for tableau certification

H
hello
10/31/2023 12:07:00 PM

good content

M
Matheus
9/3/2023 2:14:00 PM

just testing if the comments are real

Y
yenvti2@gmail.com
8/12/2023 7:56:00 PM

very helpful for exam preparation

M
Miguel
10/5/2023 12:16:00 PM

question 11: https://help.salesforce.com/s/articleview?id=sf.admin_lead_to_patient_setup_overview.htm&type=5

N
Noushin
11/28/2023 4:52:00 PM

i think the answer to question 42 is b not c

S
susan sandivore
8/28/2023 1:00:00 AM

thanks for the dump

A
Aderonke
10/31/2023 12:51:00 AM

fantastic assessments

P
Priscila
7/22/2022 9:59:00 AM

i find the xengine test engine simulator to be more fun than reading from pdf.

S
suresh
12/16/2023 10:54:00 PM

nice document

W
Wali
6/4/2023 10:07:00 PM

thank you for making the questions and answers intractive and selectable.

N
Nawaz
7/18/2023 1:10:00 AM

answers are correct?

D
das
6/23/2023 7:57:00 AM

can i belive this dump

S
Sanjay
10/15/2023 1:34:00 PM

great site to practice for sitecore exam

J
jaya
12/17/2023 8:36:00 AM

good for students

B
Bsmaind
8/20/2023 9:23:00 AM

nice practice dumps

K
kumar
11/15/2023 11:24:00 AM

nokia 4a0-114 dumps

V
Vetri
10/3/2023 12:59:00 AM

great content and wonderful to have the answers with explanation

R
Ranjith
8/21/2023 3:39:00 PM

for question #118, the answer is option c. the screen shot is showing the drop down, but the answer is marked incorrectly please update . thanks for sharing such nice questions.

E
Eduardo Ramírez
12/11/2023 9:55:00 PM

the correct answer for the question 29 is d.

D
Dass
11/2/2023 7:43:00 AM

question no 22: correct answers: bc, 1 per session 1 per page 1 per component always

R
Reddy
12/14/2023 2:42:00 AM

these are pretty useful

D
Daisy Delgado
1/9/2023 1:05:00 PM

awesome

A
Atif
6/13/2023 4:09:00 AM

yes please upload

X
Xunil
6/12/2023 3:04:00 PM

great job whoever put this together, for the greater good! thanks!

L
Lakshmi
10/2/2023 5:26:00 AM

just started to view all questions for the exam

R
rani
1/19/2024 11:52:00 AM

helpful material

G
Greg
11/16/2023 6:59:00 AM

hope for the best

H
hi
10/5/2023 4:00:00 AM

will post exam has finished

V
Vmotu
8/24/2023 11:14:00 AM

really correct and good analyze!

H
hicham
5/30/2023 8:57:00 AM

excellent thanks a lot

S
Suman C
7/7/2023 8:13:00 AM

will post once pass the cka exam

AI Tutor 👋 I’m here to help!