You are the project manager of a project in Bluewell Inc. You and your project team have identified several project risks, completed risk analysis, and are planning to apply most appropriate risk responses. Which of the following tools would you use to choose the appropriate risk response?
Correct Answer: C
Explanation/Reference: Explanation: Decision tree analysis is a risk analysis tool that can help the project manager in determining the best risk response. The tool can be used to measure probability, impact, and risk exposure and how the selected risk response can affect the probability and/or impact of the selected risk event. It helps to form a balanced image of the risks and opportunities connected with each possible course of action. This makes them mostly useful for choosing between different strategies, projects, or investment opportunities particularly when the resources are limited. A decision tree is a decision support tool that uses a tree-like graph or model of decisions and their possible consequences, including chance event outcomes, resource costs, and utility. Incorrect Answers: A: Project network diagrams help the project manager and stakeholders visualize the flow of the project work, but they are not used as a part of risk response planning. B: Cause-and-effect analysis is used for exposing risk factors and not an effective one in risk response planning. This analysis involves the use of predictive or diagnostic analytical tool for exploring the root causes or factors that contribute to positive or negative effects or outcomes. D: Delphi technique is used for risk analysis, i.e., for identifying the most probable risks. Delphi is a group of experts who used to rate independently the business risk of an organization. Each expert analyzes the risk independently and then prioritizes the risk, and the result is combined into a consensus.
Question 112
Which of the following should be considered FIRST when assessing risk associated with the adoption of emerging technologies?
Correct Answer: C
Question 113
A multinational organization is considering implementing standard background checks to' all new employees A KEY concern regarding this approach
Correct Answer: C
Question 114
Which of the following is the PRIMARY requirement before choosing Key performance indicators of an enterprise?
Correct Answer: D,E
is incorrect. This is not the valid answer. Answer:A is incorrect. Determination of size and complexity of the enterprise is the selection criteria of the KRI, not KPI. KPI does not have any relevancy with size and complexity of the enterprise. Answer:C is incorrect. Type of market in which the enterprise is operating do not affect the selection of KPIs.
Question 115
Which of the following will significantly affect the standard information security governance model?
Correct Answer: C
Explanation/Reference: Explanation: Complexity of the organizational structure will have the most significant impact on the Information security governance model. Some of the elements that impact organizational structure are multiple business units and functions across the organization. Incorrect Answers: A: Currency with changing legislative requirements should not have major impact once good governance models are placed, hence, governance will help in effective management of the organization's ongoing compliance. B, D: The numbers of employees and the distance between physical locations have less impact on Information security models as well-defined process, technology and people components together provide the proper governance.
