CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CRISC—Certified in Risk and Information Systems Control Certification Questions and answer - Part 36
1. David is the project manager of HRC project. He concluded while HRC project is in process that if he adopts e-commerce, his project can be more fruitful. But he did not engaged in electronic commerce (e-commerce) so that he would escape from risk associated with that line of business. What type of risk response had he adopted?
A) Acceptance
B) Avoidance
C) Exploit
D) Enhance
2. Which of the following is the final step in the policy development process?
A) Management approval
B) Continued awareness activities
C) Communication to employees
D) Maintenance and review
3. You are the project manager of GHT project. Your project utilizes a machine for production of goods. This machine has the specification that if its temperature would rise above 450 degree Fahrenheit then it may result in burning of windings. So, there is an alarm which blows when machine's temperature reaches 430 degree Fahrenheit and the machine is shut off for 1 hour. What role does alarm contribute here?
A) Of risk indicator
B) Of risk identification
C) Of risk trigger
D) Of risk response
4. When does the Identify Risks process take place in a project?
A) At the Planning stage.
B) At the Executing stage.
C) At the Initiating stage.
D) Throughout the project life-cycle.
5. In the project initiation phase of System Development Life Cycle, there is information on project initiated by which of the following role carriers?
A) CRO
B) Sponsor
C) Business management
D) CIO
A) Acceptance
B) Avoidance
C) Exploit
D) Enhance
2. Which of the following is the final step in the policy development process?
A) Management approval
B) Continued awareness activities
C) Communication to employees
D) Maintenance and review
3. You are the project manager of GHT project. Your project utilizes a machine for production of goods. This machine has the specification that if its temperature would rise above 450 degree Fahrenheit then it may result in burning of windings. So, there is an alarm which blows when machine's temperature reaches 430 degree Fahrenheit and the machine is shut off for 1 hour. What role does alarm contribute here?
A) Of risk indicator
B) Of risk identification
C) Of risk trigger
D) Of risk response
4. When does the Identify Risks process take place in a project?
A) At the Planning stage.
B) At the Executing stage.
C) At the Initiating stage.
D) Throughout the project life-cycle.
5. In the project initiation phase of System Development Life Cycle, there is information on project initiated by which of the following role carriers?
A) CRO
B) Sponsor
C) Business management
D) CIO
1. Right Answer: B
Explanation: As David did not engaged in e-commerce in order to avoid risk, hence he is following risk avoidance strategy.
2. Right Answer: D
Explanation: Organizations should create a structured ISG document development process. A formal process gives many areas the opportunity to comment on a policy. This is very important for high-level policies that apply to the whole organization. A formal process also makes sure that final policies are communicated to employees. It also provides organizations with a way to make sure that policies are reviewed regularly.In general, a policy development process should include the following steps:1. Development2. Stakeholder review3. Management approval4. Communication to employees5. Documentation of compliance or exceptions6. Continued awareness activities7. Maintenance and reviewIncorrect Answers:A, B, C: These are the earlier phases in policy development process.
3. Right Answer: A
Explanation: Here in this scenario alarm indicates the potential risk that the rising temperature of machine can cause, hence it is enacting as a risk indicator.Risk indicators are metrics used to indicate risk thresholds, i.e., it gives indication when a risk level is approaching a high or unacceptable level of risk. The main objective of a risk indicator is to ensure tracking and reporting mechanisms that alert staff about the potential risks.Incorrect Answers:B: The first thing we must do in risk management is to identify the areas of the project where the risks can occur. This is termed as risk identification. Listing all the possible risks is proved to be very productive for the enterprise as we can cure them before it can occur. In risk identification both threats and opportunities are considered, as both carry some level of risk with them.C: The temperature 430 degree in scenario is the risk trigger. A risk trigger is a warning sign or condition that a risk event is about to happen. As in this scenario the 430 degree temperature is the indication of upcoming risks, hence 430 degree temperature is a risk trigger.D: Risk response is the action taken to reduce the risk event occurrence. Hence here risk response is shutting off of machine.
4. Right Answer: D
Explanation: Identify Risks is the process of determining which risks may affect the project. It also documents risks' characteristics. The Identify Risks process is part of theProject Risk Management knowledge area. As new risks may evolve or become known as the project progresses through its life cycle, Identify Risks is an iterative process. The process should involve the project team so that they can develop and maintain a sense of ownership and responsibility for the risks and associated risk response actions. Risk Register is the only output of this process.Incorrect Answers:A, B, C: Identify Risks process takes place at all the stages of a project, because risk changes over time.
5. Right Answer: B
Explanation: Project initiation section of SDLC contains information on projects initiated by sponsors who gather the information required to gain approval for the project to be created.
Explanation: As David did not engaged in e-commerce in order to avoid risk, hence he is following risk avoidance strategy.
2. Right Answer: D
Explanation: Organizations should create a structured ISG document development process. A formal process gives many areas the opportunity to comment on a policy. This is very important for high-level policies that apply to the whole organization. A formal process also makes sure that final policies are communicated to employees. It also provides organizations with a way to make sure that policies are reviewed regularly.In general, a policy development process should include the following steps:1. Development2. Stakeholder review3. Management approval4. Communication to employees5. Documentation of compliance or exceptions6. Continued awareness activities7. Maintenance and reviewIncorrect Answers:A, B, C: These are the earlier phases in policy development process.
3. Right Answer: A
Explanation: Here in this scenario alarm indicates the potential risk that the rising temperature of machine can cause, hence it is enacting as a risk indicator.Risk indicators are metrics used to indicate risk thresholds, i.e., it gives indication when a risk level is approaching a high or unacceptable level of risk. The main objective of a risk indicator is to ensure tracking and reporting mechanisms that alert staff about the potential risks.Incorrect Answers:B: The first thing we must do in risk management is to identify the areas of the project where the risks can occur. This is termed as risk identification. Listing all the possible risks is proved to be very productive for the enterprise as we can cure them before it can occur. In risk identification both threats and opportunities are considered, as both carry some level of risk with them.C: The temperature 430 degree in scenario is the risk trigger. A risk trigger is a warning sign or condition that a risk event is about to happen. As in this scenario the 430 degree temperature is the indication of upcoming risks, hence 430 degree temperature is a risk trigger.D: Risk response is the action taken to reduce the risk event occurrence. Hence here risk response is shutting off of machine.
4. Right Answer: D
Explanation: Identify Risks is the process of determining which risks may affect the project. It also documents risks' characteristics. The Identify Risks process is part of theProject Risk Management knowledge area. As new risks may evolve or become known as the project progresses through its life cycle, Identify Risks is an iterative process. The process should involve the project team so that they can develop and maintain a sense of ownership and responsibility for the risks and associated risk response actions. Risk Register is the only output of this process.Incorrect Answers:A, B, C: Identify Risks process takes place at all the stages of a project, because risk changes over time.
5. Right Answer: B
Explanation: Project initiation section of SDLC contains information on projects initiated by sponsors who gather the information required to gain approval for the project to be created.
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment