What is a Key Risk Indicator (KRI)?

A metric showing the risk appetite probability for an organization

A tool for financial forecasting

A measure of employee performance

Which of the following is required to identify a KRI?

Understanding the organizational goals

Hiring a risk management consultant

What is one of the functions of a KRI?

Identifying the adverse effect of an event

Improving customer satisfaction

What is the purpose of identifying risks in risk management?

To identify the sources, causes, and consequences of risks

To increase the number of risks

What does establishing context in risk management involve?

Understanding the current posture and defining the environment

Ignoring the organization's environment

Focusing only on external factors

What is the goal of quantifying risks in risk management?

To determine the effect and calibrate outcomes of risks

To increase the number of risks

To ignore the potential outcomes

What does the risk assessment phase provide an estimate on?

The likelihood and impact of the risk

The organization's financial status

What does risk assessment determine?

The quantitative and qualitative value of risk

The number of products to launch

What does quantitative risk analysis focus on?

Mapping the probability of a specific event occurring to the perceived cost of the event

Mapping the perceived impact of a specific event to a risk rating

Analyzing the risk of vulnerabilities and threats

Defining the nature of the risk and determining the level of risk exposure

What is the formula for Annualized Loss Expectancy (ALE)?

Annual rate of occurrence x Single loss expectancy

Single loss expectancy x Risk rating

Probability of event x Cost of event

Threat level x Vulnerability level

What does qualitative risk analysis focus on?

Mapping the perceived impact of a specific event to a risk rating

Mapping the probability of a specific event occurring to the perceived cost

Analyzing the risk of vulnerabilities and threats

Determining the level of risk exposure

What is the purpose of analyzing the risk of vulnerabilities and threats?

To provide an understanding of the inherent and controlled risks

To determine the level of risk exposure

To map the probability of an event occurring

To calculate the annualized loss expectancy

What is the purpose of risk prioritization in risk assessment?

To identify and rate risks with the same severity

To increase the number of risks

On what factors does the prioritization of risks depend?

Goals and resources of an organization

What immediate action should be taken for an Extreme/High risk level?

Immediate measures should be performed

Implement controls as soon as possible

What is the recommended action for a Medium risk level?

Immediate measures should be performed

What should be done for a Low risk level?

Immediate measures should be performed

How are risks categorized according to the document?

By the estimated impact on the system

By the number of people affected

By the time required to resolve

What is a risk matrix used for?

To scale risk by considering probability, likelihood, and consequence/impact

To determine employee performance

What is the process of risk treatment?

Selecting and implementing appropriate controls on identified risks

Documenting risks without action

Increasing the severity of risks

What does risk modification or risk mitigation involve?

Modifying risk exposure by applying controls

Accepting the existence of a risk

Reassigning accountability for a risk

What is the primary focus of risk avoidance or risk elimination?

Adjusting strategies to eliminate or reduce the risk

Reassigning accountability for a risk

Acknowledging the existence of a risk

What are the two primary categories of risk?

Inherent Risk and Residual Risk

Financial Risk and Operational Risk

Strategic Risk and Compliance Risk

What does inherent risk define?

The risk that exists before controls are implemented

The risk that remains after controls are implemented

The risk associated with financial loss

The risk related to market fluctuations

What is the most important consideration for residual risk?

Some quantity of risk always remains after applying mitigation

It is completely eliminated after mitigation

It is the same as inherent risk

It only applies to financial risks

What is a risk treatment plan?

An action plan describing how to respond to potential risks

A document outlining potential risks

A strategy for financial investment

What must a risk treatment plan document be part of?

A certified ISO 27001 information security management system

A certified ISO 9001 quality management system

A certified ISO 14001 environmental management system

A certified ISO 45001 occupational health and safety management system

Module 22 CSEC

Quiz

•

Information Technology (IT)

•

12th Grade

•

Practice Problem

•

Hard

BOBO BOBO

FREE Resource

Senior Management

Business and Functional Managers

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

63 questions

TRYOUT XII INFORMATIKA

Quiz

•

12th Grade

65 questions

Kiến thức Microsoft Office

Quiz

•

12th Grade

65 questions

Information Security Quiz

Quiz

•

12th Grade

Popular Resources on Wayground

5 questions

This is not a...winter edition (Drawing game)

Quiz

•

1st - 5th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

10 questions

Identify Iconic Christmas Movie Scenes

Interactive video

•

6th - 10th Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

11 questions

How well do you know your Christmas Characters?

Lesson

•

3rd Grade

14 questions

Christmas Trivia

Quiz

•

5th Grade

20 questions

How the Grinch Stole Christmas

Quiz

•

5th Grade

Discover more resources for Information Technology (IT)

26 questions

Christmas Movie Trivia

Lesson

•

8th Grade - Professio...

15 questions

Christmas Song Emoji Pictionary

Quiz

•

7th - 12th Grade

20 questions

Christmas Movies

Quiz

•

1st - 12th Grade

55 questions

CHS Holiday Trivia

Quiz

•

12th Grade

20 questions

Christmas Movie Trivia

Quiz

•

9th - 12th Grade

29 questions

christmas facts

Lesson

•

5th - 12th Grade

20 questions

Christmas Trivia

Quiz

•

5th - 12th Grade

20 questions

Stages of Meiosis

Quiz

•

9th - 12th Grade

Module 22 CSEC

68 questions

What is the primary goal of risk management?

Which of the following is NOT a benefit of risk management?

What does risk management involve?

Where does risk management have a prominent place?

Who is responsible for designing the steps required for handling future risks in risk management?

Which role is responsible for IT planning, budgeting, and performance based on a risk management program?

Who is responsible for implementing appropriate security controls to maintain confidentiality, integrity, and availability of an information system?

Which role is responsible for making trade-off decisions in the risk management process?

Who is responsible for developing and providing appropriate training in the risk management process?

What is a Key Risk Indicator (KRI)?

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Information Technology (IT)