An enterprise has identified risk events in a project. While responding to these identified risk
events, which among the following stakeholders is MOST important for reviewing risk response
options to an IT risk.
Which of the following is a technique that provides a systematic description of the combination of
unwanted occurrences in a system?
What is the process for selecting and implementing measures to impact risk called?
Which section of the Sarbanes-Oxley Act specifies “Periodic financial reports must be certified by
CEO and CFO”?
What is the PRIMARY need for effectively assessing controls?
You work as the project manager for Bluewell Inc. There has been a delay in your project work
that is adversely affecting the project schedule. You decide, with your stakeholders’ approval, to
fast track the project work to get the project done faster. When you fast track the project, what is
likely to increase?
David is the project manager of the HRC Project. He has identified a risk in the project, which
could cause the delay in the project. David does not want this risk event to happen so he takes
few actions to ensure that the risk event will not happen. These extra steps, however, cost the
project an additional $10,000. What type of risk response has David adopted?
Which of the following is the MOST important objective of the information system control?
Which of the following is prepared by the business and serves as a starting point for producing the
IT Service Continuity Strategy?
For which of the following risk management capability maturity levels do the statement given
below is true? “Real-time monitoring of risk events and control exceptions exists, as does
automation of policy management”