CRISC Quiz Questions and Answers

Answer :
  • owns the risk and is responsible for identifying, assessing and mitigating risk as well as reporting on that risk to the appropriate support functions and the board of directors.

Explanation :

The BU is responsible for owning the risk and its resulting actions. Risk owners have the responsibility of identifying, measuring, monitoring, controlling and reporting on risk to executive management as established by the corporate risk framework.

Answer :
  • as part of risk response planning.

Explanation :

In risk response, a range of controls will be identified that can mitigate risk; however, a cost-benefit analysis in this process will help identify the right controls that will address the risk at acceptable levels within the budge

Answer :
  • Validate the exception

Explanation :

Before any other action is taken, the security manager should ensure that the exception identified by monitoring is not a false positive.

Answer :
  • Provide common messages tailored for different groups.

Explanation :

Groups differ in level of responsibility and expertise; tailor common messages to each group’s role and level of understanding.

Answer :
  • Risk analysis results

Explanation :

Risk analysis results provide a basis for prioritizing risk responses and allocation of resources.

Answer :
  • impact on business operations

Answer :
  • senior management

Answer :
  • Risk culture