This is an example of:
An IS manager has decided to implement a security system to monitor access to the Internet and
prevent access to numerous sites. Immediately upon installation, employees Hood the IT helpdesk
with complaints of being unable to perform business functions on Internet sites. This is an example
of:
Which plan risk management process tool and technique should Fred use to plan risk management?
Fred is the project manager of a large project in his organization. Fred needs to begin planning the
risk management plan with the project team and key stakeholders. Which plan risk management
process tool and technique should Fred use to plan risk management?
Choose the BEST answer
________________ (fill in the blank) is/are are ultimately accountable for the functionality,
reliability, and security within IT governance. Choose the BEST answer.
Which one of the following statements best describes the requirements for the data type used in qualitative ri
You are the project manager of the CUL project in your organization. You and the project team are
assessing the risk events and creating a probability and impact matrix for the identified risks.
Which one of the following statements best describes the requirements for the data type used in
qualitative risk analysis?
An organization’s information security strategy should be based on:
An organization’s information security strategy should be based on:
Which of the following is the HIGHEST risk of a policy that inadequately defines data and system ownership?
Which of the following is the HIGHEST risk of a policy that inadequately defines data and system
ownership?
What can be used to help identify and investigate unauthorized transactions?
What can be used to help identify and investigate unauthorized transactions? Choose the BEST
answer.
What risk response is this?
Lisa is the project manager of the FKN project for her organization. She is working with Sam, the
CIO, to discuss a discount the vendor has offered the project based on the amount of materials
that is ordered. Lisa and Sam review the offer and agree that while their project may qualify for the
discounted materials the savings is nominal and they would not necessarily pursue the savings.
Lisa documents this positive risk response in the risk register. What risk response is this?
Which of the following should be included in an annual information security budget that is submitted for manag
Which of the following should be included in an annual information security budget that is
submitted for management approval?
What term is given to this newly created risk event?
Marie has identified a risk event in her project that needs a mitigation response. Her response
actually creates a new risk event that must now be analyzed and planned for. What term is given
to this newly created risk event?