[2024-10-23更新,999問] 無料ISACA CRISC試験問題集、CRISC問題集(ページ 185)

CRISC 試験問題 916

Which of the following provides the BEST evidence that a selected risk treatment plan is effective?

A. Performing a cost-benefit analysis

B. Identifying key risk indicators (KRIs)

C. Evaluating the return on investment (ROI)

D. Evaluating the residual risk level

CRISC 試験問題 917

Which of the following describes the relationship between Key risk indicators (KRIs) and key control indicators (KCIS)?

A. KCIs and KRIs help in determining risk appetite.

B. KCIs provide input for KRIs

C. KCIs are independent from KRIs KRIs.

D. KCIs are defined using data from KRIs.

CRISC 試験問題 918

A deficient control has been identified which could result in great harm to an organization should a low frequency threat event occur. When communicating the associated risk to senior management, the risk practitioner should explain:

A. the current level of risk is within tolerance.

B. mitigation plans for threat events should be prepared in the current planning period.

C. an increase in threat events could cause a loss sooner than anticipated.

D. this risk scenario is equivalent to more frequent, but lower impact risk scenarios.

CRISC 試験問題 919

制御実装後のリスク露出を判断するために最も有用な情報を提供するのは次のどれですか?

A. 戦略計画とリスク管理の統合

B. リスクエスカレーションとコミュニケーションのプロセス

C. リスクの制限、閾値、指標

D. ポリシー、標準、手順

正解: C

リスク制限、しきい値、および指標は、現在のリスクレベルと残存リスクレベルを測定および監視し、それらを望ましいリスクレベルおよび許容可能なリスクレベルと比較するのに役立つため、制御の実装後のリスク露出を判断するための最も有用な情報を提供します。リスク制限、しきい値、および指標は次のように定義されます。
* リスク制限とは、組織が特定の活動、プロセス、または目標に対して受け入れるリスクの最大量です。リスク制限は組織のリスク選好度とリスク許容度から導き出され、リスク対応と制御の選択を導くのに役立ちます。
* リスクしきい値とは、リスクまたはパフォーマンスが許容可能または許容不可能となるポイントまたはレベルです。
Risk thresholds are used to trigger alerts, actions, or escalation when the risk or performance deviates from the expected or planned range.
* Risk indicators are metrics or measures that provide information on the current or potential risk exposure or performance. Risk indicators can be classified into key risk indicators (KRIs), which measure the likelihood and impact of risk events, and key performance indicators (KPIs), which measure the effectiveness and efficiency of controls and processes.
Risk limits, thresholds, and indicators help to determine risk exposure following control implementations by providing quantitative and qualitative data and feedback on the risk and control environment. They also help to identify and prioritize the areas for improvement and enhancement of the risk and control environment. Risk limits, thresholds, and indicators also facilitate the communication, collaboration, and accountability among the stakeholders involved in the risk management and control processes.
The other options are not the most useful information to determine risk exposure following control implementations. Strategic plan and risk management integration is the process of aligning the organizational strategy and objectives with the risk management framework and activities, but it does not provide specific information on the risk exposure or control effectiveness. Risk escalation and process for communication is the process of reporting and escalating the risk issues and incidents to the appropriate authority and stakeholders, but it does not provide comprehensive information on the risk exposure or control performance.
Policies, standards, and procedures are the documents that define the principles, rules, and guidelines for the risk management and control processes, but they do not provide actual information on the risk exposure or control implementation. References = Risk Limits, Thresholds and Indicators - ISACA, IT Risk Resources | ISACA, Risk Management: Risk Indicators and Risk Appetite

CRISC 試験問題 920

The acceptance of control costs that exceed risk exposure MOST likely demonstrates:

A. corporate culture misalignment

B. corporate culture alignment.

C. low risk tolerance.

D. high risk tolerance.

他のバージョン: 1369ISACA.CRISC.v2025-03-28.q924; 1009ISACA.CRISC.v2024-07-31.q668; 3214ISACA.CRISC.v2023-07-03.q712; 5611ISACA.CRISC.v2022-10-19.q897

最新アップロード: 107SAP.C-C4H56I-34.v2025-09-08.q74; 145Salesforce.Agentforce-Specialist.v2025-09-08.q82; 106Salesforce.Public-Sector-Solutions.v2025-09-08.q93; 105Fortinet.FCP_FAZ_AD-7.4.v2025-09-08.q75; 104SAP.C-S4TM-2023.v2025-09-08.q86; 140SAP.C-TS412-2021.v2025-09-06.q90; 181Microsoft.MB-700.v2025-09-06.q281; 162Docker.DCA.v2025-09-06.q175; 119SAP.C-BCFIN-2502.v2025-09-05.q12; 135Avaya.77201X.v2025-09-05.q58

CRISC 試験問題 916

CRISC 試験問題 917

CRISC 試験問題 918

CRISC 試験問題 919

CRISC 試験問題 920

PDFファイルをダウンロード