CRISC Certify Risk Information System Control Practice Exam

Sample Questions

Q) Which of the following is the most important reason for keeping risk indicators (KRI)?

a) To avoid the risk

b) complex metrics require the development

c) the risk ratios must be timely

d) The threats and vulnerabilities change over time

Q) You are the project manager of a project HGT, who has just finished the final build process. The client project is signed off on the completion of the project and you have to do some administrative closure activities. In the project, there have been several major risks that could have destroyed the project, but you and your project team found some new ways to address the risks without affecting the project costs or project completion date. What you should do with risk responses that you identified during the design of the process of monitoring and control?

a) Include the answers in the project management plan.

b) Include the risk responses in the risk management plan.

c) They include the risk responses in the organization's lessons learned database.

d) Anything. The risk responses are included in the risk register of the project already.

Q) You are the project manager of the GHT project. Have you identified a risk event on the project which could save $ 100,000 in project costs if it occurs. Which of the following best describes this risk event?

a) This risk event should be mitigated to take advantage of the savings.

b) It is a risk event that should be accepted because the rewards outweigh the threat to the project.

c) This risk event should be avoided to take full advantage of the potential savings.

d) This risk event is an opportunity for the project and should be exploited.

Q) You are the project manager for a large construction project. This project will run for 18 months and will cost $ 750,000 to complete. He is working with the project team, experts and stakeholders to identify risks within the project before starting the project work. Management wants to know why you're planning a lot of risk identification meetings throughout the project, rather than just during the initial project planning. What is the best reason for the identification sessions duplicates risks?

a) The iterative meetings allow all stakeholders to participate in the processes of identification of risks in all phases of the project.

b) The iterative meetings allow the project manager to discuss the risk events over the project and that did not happen.

c) The iterative meetings allow the project manager and the risk identification participants to identify newly discovered risk events during the project.

d) The iterative meetings allow the project manager to communicate waiting risk events during the execution of the project.

Q) You are a risk officer Bluewell Inc. It is supposed to risks different priorities. A risk has a rating of onset, severity and detection as 4, 5, and 6, respectively. That risk Priority Number (RPN) you would give to it?

a) 120

b) 100

c) 15

d) 30