CRISC Exam Question 241
Within the three lines of defense model, the responsibility for managing risk and controls resides with:
CRISC Exam Question 242
An organization uses a web application hosted by a cloud service that is populated by data sent to the vendor via email on a monthly basis. Which of the following should be the FIRST consideration when analyzing the risk associated with the application?
CRISC Exam Question 243
A bank is experiencing an increasing incidence of customer identity theft. Which of the following is the BEST way to mitigate this risk?
CRISC Exam Question 244
It was discovered that a service provider's administrator was accessing sensitive information without the approval of the customer in an Infrastructure as a Service (laaS) model. Which of the following would BEST protect against a future recurrence?
CRISC Exam Question 245
Which of the following is MOST critical when designing controls?
