The BEST way to determine the likelihood of a system availability risk scenario is by assessing the:

• A.availability of fault tolerant software
• B.strategic plan for business growth
• C.vulnerability scan results of critical systems
• D.redundancy of technical infrastructure

Comment: *

Name: *

Email: *

Verification: *

A trusted third party service provider has determined that the risk of a client's systems being hacked is low.
Which of the following would be the client's BEST course of action?

• A.Accept the risk based on the third party's risk assessment
• B.Perform their own risk assessment
• C.Implement additional controls to address the risk.
• D.Perform an independent audit of the third party.

Comment: *

Name: *

Email: *

Verification: *

A risk heat map is MOST commonly used as part of an IT risk analysis to facilitate risk:

• A.treatment
• B.identification
• C.communication
• D.assessment

Comment: *

Name: *

Email: *

Verification: *

What is the PRIMARY reason to periodically review key performance indicators (KPIs)?

• A.Identify trends.
• B.Promote a risk-aware culture.
• C.Optimize resources needed for controls
• D.Ensure compliance.

Comment: *

Name: *

Email: *

Verification: *

An IT risk practitioner has determined that mitigation activities differ from an approved risk action plan.
Which of the following is the risk practitioner's BEST course of action?

• A.Revert the implemented mitigation measures until approval is obtained
• B.Validate the adequacy of the implemented risk mitigation measures.
• C.Report the observation to the chief risk officer (CRO).
• D.Update the risk register with the implemented risk mitigation actions.

Comment: *

Name: *

Email: *

Verification: *