CRISC Premium Exam Questions

Page: 25 / 119
Total 1590 questions

Certified in Risk and Information Systems Control Questions and Answers

Question 97

An organization recently implemented a cybersecurity awareness program that includes phishing simulation exercises for all employees. What type of control is being utilized?

Options:

Question 98

Which of the following is the MOST important consideration for the board and senior leadership regarding the organization's approach to risk management for emerging technologies?

Options:

A. Ensuring the organization follows risk management industry best practices

B. Ensuring IT risk scenarios are updated and include emerging technologies

C. Ensuring the risk framework and policies are suitable for emerging technologies

D. Ensuring threat intelligence services are used to gather data about emerging technologies

Question 99

Which of the following is the MOST effective way to help ensure future risk levels do not exceed the organization's risk appetite?

Options:

A. Establishing a series of key risk indicators (KRIs).

B. Adding risk triggers to entries in the risk register.

C. Implementing key performance indicators (KPIs).

D. Developing contingency plans for key processes.

Question 100

In the three lines of defense model, a PRIMARY objective of the second line is to:

Options:

A. Review and evaluate the risk management program.

B. Ensure risks and controls are effectively managed.

C. Implement risk management policies regarding roles and responsibilities.

D. Act as the owner for any operational risk identified as part of the risk program.
