Free Access ISACA.CRISC.v2022-08-23.q834 Practice Test (Page 51)

Question 246

Which of the following is an acceptable method for handling positive project risk?

A.Exploit

B.Avoid

C.Mitigate

D.Transfer

E.Explanation:
Exploit is a method for handling positive project risk.

Question 247

A peer review of a risk assessment finds that a relevant threat community was not included. Mitigation of the risk will require substantial changes to a software application. Which of the following is the BEST course of action?

A.Build a business case to remediate the fix.

B.Ask the business to make a budget request to remediate the problem.

C.Research the types of attacks the threat can present.

D.Determine the impact of the missing threat.

Question 248

An organization is considering adopting artificial intelligence (Al). Which of the following is the risk practitioner's MOST important course of action?

A.Identify applicable risk scenarios.

B.Ensure sufficient pre-implementation testing.

C.Identify the organization's critical data.

D.Develop key risk indicators (KRIs).

Question 249

While defining the risk management strategies, what are the major parts to be determined first? Each correct answer represents a part of the solution. Choose two.

A.IT architecture complexity

B.Organizational objectives

C.Risk tolerance

D.Risk assessment criteria

Question 250

An organization maintains independent departmental risk registers that are not automatically aggregated.
Which of the following is the GREATEST concern?

A.Resources may be inefficiency allocated

B.Management may be unable to accurately evaluate the risk profile

C.Multiple risk treatment efforts may be initiated to treat a given risk

D.The same risk factor may be identified in multiple areas

Other Version: 3455ISACA.CRISC.v2025-07-19.q999; 6540ISACA.CRISC.v2024-09-11.q999; 7512ISACA.CRISC.v2022-10-10.q527; 15391ISACA.CRISC.v2022-05-05.q821; 66ISACA.Examboosts.CRISC.v2021-09-26.by.erica.460q.pdf

Latest Upload: 106OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 172TheSecOpsGroup.CNSP.v2025-09-08.q20; 240CFAInstitute.ESG-Investing.v2025-09-08.q173; 236PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 159Salesforce.Data-Architect.v2025-09-05.q216; 153Adobe.AD0-E605.v2025-09-05.q50

Question 246

Question 247

Question 248

Question 249

Question 250

Download PDF File