Online Access Free ISACA.CRISC.v2024-06-13.q683 Practice Test (Page 78)

CRISC Exam Question 381

Which of the following can be used to assign a monetary value to risk?

A.Cost-benefit analysis

B.Business impact analysis

C.Inherent vulnerabilities

D.Annual loss expectancy (ALE)

CRISC Exam Question 382

Which of the following would require updates to an organization's IT risk register?

A.Discovery of an ineffectively designed key IT control

B.Management review of key risk indicators (KRIs)

C.Changes to the team responsible for maintaining the register

D.Completion of the latest internal audit

CRISC Exam Question 383

The BEST key performance indicator (KPI) to measure the effectiveness of a vendor risk management program is the percentage of:

A.vendor risk mitigation action items completed on time.

B.vendors that have reported control-related incidents.

C.vendor contracts reviewed in the past year.

D.vendors providing risk assessments on time.

CRISC Exam Question 384

Which of the following would be a risk practitioner'$ BEST recommendation to help ensure cyber risk is assessed and reflected in the enterprise-level risk profile?

A.Manage cyber risk according to the organization's risk management framework.

B.Implement a cyber risk program based on industry best practices

C.Conduct cyber risk awareness training tailored specifically for senior management

D.Define cyber roles and responsibilities across the organization

CRISC Exam Question 385

After a high-profile systems breach at an organization s key vendor, the vendor has implemented additional mitigating controls. The vendor has voluntarily shared the following set of assessments:
Which of the assessments provides the MOST reliable input to evaluate residual risk in the vendor's control environment?

A.Internal audit

B.Regulatory examination

C.External audit

D.Vendor performance scorecard

Other Version: 1093ISACA.CRISC.v2025-08-27.q675; 3184ISACA.CRISC.v2025-01-04.q999; 2167ISACA.CRISC.v2024-04-02.q999; 2752ISACA.CRISC.v2023-07-10.q544; 5436ISACA.CRISC.v2022-05-25.q338; 76ISACA.Actual4dump.CRISC.v2022-04-12.by.newman.349q.pdf; 5245ISACA.CRISC.v2022-02-22.q349; 5070ISACA.CRISC.v2021-10-27.q295; 42ISACA.Updatedumps.CRISC.v2021-09-05.by.bonnie.114q.pdf

Latest Upload: 131Microsoft.SC-400.v2025-09-20.q290; 370ISACA.CGEIT.v2025-09-19.q537; 157Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 158Scrum.SAFe-Practitioner.v2025-09-18.q63; 154Workday.Workday-Prism-Analytics.v2025-09-17.q17; 134Oracle.1Z0-1055-24.v2025-09-17.q28; 131Oracle.1Z1-182.v2025-09-17.q32; 257Nutanix.NCP-US-6.5.v2025-09-16.q73; 275Oracle.1z0-071.v2025-09-16.q232; 205Oracle.1Z1-922.v2025-09-16.q125

CRISC Exam Question 381

CRISC Exam Question 382

CRISC Exam Question 383

CRISC Exam Question 384

CRISC Exam Question 385

Download PDF File