CRISC Exam Question 191
An organization mandates the escalation of a service ticket when a key application is offline for 5 minutes or more due to potential risk exposure. The risk practitioner has been asked by management to prepare a report of application offline times using both 3- and 5-minute thresholds. What does the 3-minute threshold represent?
CRISC Exam Question 192
Which of the following should be the PRIMARY consideration for a startup organization that has decided to adopt externally-sourced security policies?
CRISC Exam Question 193
A new international data privacy regulation requires personal data to be disposed after the specified retention period, which is different from the local regulatory requirement. Which of the following is the risk practitioner's BEST course of action?
CRISC Exam Question 194
A key risk indicator (KRI) for technology operations has been above risk thresholds for the last three reporting periods. What is the BEST way for a risk practitioner to address this concern?
CRISC Exam Question 195
A root because analysis indicates a major service disruption due to a lack of competency of newly hired IT system administrators Who should be accountable for resolving the situation?
