CRISC Exam Question 241

Within the three lines of defense model, the responsibility for managing risk and controls resides with:
  • CRISC Exam Question 242

    An organization uses a web application hosted by a cloud service that is populated by data sent to the vendor via email on a monthly basis. Which of the following should be the FIRST consideration when analyzing the risk associated with the application?
  • CRISC Exam Question 243

    A bank is experiencing an increasing incidence of customer identity theft. Which of the following is the BEST way to mitigate this risk?
  • CRISC Exam Question 244

    It was discovered that a service provider's administrator was accessing sensitive information without the approval of the customer in an Infrastructure as a Service (laaS) model. Which of the following would BEST protect against a future recurrence?
  • CRISC Exam Question 245

    Which of the following is MOST critical when designing controls?