Which of the following are the Committee of Sponsoring Organisations (COSO) key principles of enterprise risk management?
Select ALL that apply.

Which TWO of the following are NOT methods used for risk identification?

Which of the following is an ethical dilemma?

You are a consultant to an international charity which provides aid to people displaced by war, civil unrest, and natural disaster. The charity has requested you to carry out a post implementation review on their new procurement and logistics system. Which TWO of the following should you be most concerned about when conducting this review?

CDE an online ticket sales agent, has unwittingly become an accomplice in cyber crime and is suffering attacks on its own business as a result CDE's website was poorly designed and cyber-attackers have managed to inject the site with malware, so that it collects all of CDE's customer log-in information and enables the cyber-attackers to retrieve it.
The cyber-attackers subsequently use this information to set up Botnet agents in the customers' devices which are then used in a Distributed Denial of Service (DDoS) attack whenever very popular tickets are being placed on sale such as international football matches.
The cyber-attackers secure access to a single portal on the site and buy multiple tickets for subsequent sale on the black market while the DDoS causes all other portals to be overloaded preventing real fans acquiring the tickets at face value.
Which TWO of the following apply in this scenario?