CRISC Exam Question 211

An IT department has organized training sessions to improve user awareness of organizational information security policies. Which of the following is the BEST key performance indicator (KPI) to reflect effectiveness of the training?
  • CRISC Exam Question 212

    A risk practitioner has just learned about new malware that has severely impacted industry peers worldwide data loss?
  • CRISC Exam Question 213

    What is the BEST recommendation to reduce the risk associated with potential system compromise when a vendor stops releasing security patches and updates for a business-critical legacy system?
  • CRISC Exam Question 214

    A risk practitioner shares the results of a vulnerability assessment for a critical business application with the business manager. Which of the following is the NEXT step?
  • CRISC Exam Question 215

    An organization has determined that risk is not being adequately tracked and managed due to a distributed operating model. Which of the following is the BEST way to address this issue?