CRISC 試験問題を無料オンラインアクセス

A robotic process automation (RPA) project has implemented new robots to enhance the efficiency of a sales business process. Which of the following provides the BEST evidence that the new controls have been implemented successfully?

• A.Senior management has signed off on the design of the controls.
• B.Robots have operated without human interference on a daily basis.
• C.A post-implementation review has been conducted by key personnel.
• D.A qualified independent party assessed the new controls as effective.

Quantifying the value of a single asset helps the organization to understand the:

• A.organization s risk threshold.
• B.necessity of developing a risk strategy,
• C.consequences of risk materializing
• D.overall effectiveness of risk management

The PRIMARY benefit of classifying information assets is that it helps to:

• A.determine the appropriate level of control
• B.facilitate internal audit
• C.communicate risk to senior management
• D.assign risk ownership

Which of the following is the MOST important course of action to foster an ethical, risk-aware culture?

• A.Ensure the alignment of the organization's policies and standards to the defined risk appetite.
• B.Perform a comprehensive review of all applicable legislative frameworks and requirements.
• C.Implement a fraud detection and prevention framework.
• D.Establish an enterprise-wide ethics training and awareness program.

The risk associated with inadvertent disclosure of database records from a public cloud service provider (CSP) would MOST effectively be reduced by:

• A.including a nondisclosure clause in the CSP contract
• B.assessing the data classification scheme
• C.reviewing CSP access privileges
• D.encrypting the data