KRIs and KCIs are both metrics that measure and monitor the risk and control environment of an enterprise.
KRIs are indicators that reflect the level and trend of risk exposure, and help to identify potential risk events or issues. KCIs are indicators that reflect the performance and effectiveness of the risk controls, and help to ensure that the controls are operating as intended and mitigating the risk. Both KRIs and KCIs provide insight to potential changes in the level of risk, as they can signal the need for risk response actions, such as enhancing, modifying, or implementing new controls, or adjusting the risk strategy and objectives. References
= Most Asked CRISC Exam Questions and Answers. CRISC: Certified in Risk & Information Systems Control Sample Questions, Question 240.

A cyber intrusion is an unauthorized or malicious access to a computer system or network by an attacker. A cyber intrusion can compromise the confidentiality, integrity, or availability of the system or network, as well as the data and services that it hosts. A cyber intrusion can also cause damage, disruption, or theft to the organization or its stakeholders. One of the best ways to prevent cyber intrusion is to strengthen vulnerability remediation efforts, which means to identify and fix the weaknesses or flaws in the system or network that can be exploited by the attackers. Vulnerability remediation efforts can include conducting regular vulnerability assessments, applying security patches and updates, configuring security settings and policies, and implementing security controls and measures. By strengthening vulnerability remediation efforts, the organization can reduce the attack surface and the likelihood of cyber intrusion, as well as enhance the resilience and protection of the system or network. The other options are not the best recommendations for preventing cyber intrusion, although they may be helpful and complementary. Establishing a cyber response plan is a technique to prepare for and respond to a cyber incident, such as a cyber intrusion, by defining the roles, responsibilities, procedures, and resources that are needed to manage and recover from the incident.
However, a cyber response plan is a reactive and contingency measure, while strengthening vulnerability remediation efforts is a proactive and preventive measure. Implementing data loss prevention (DLP) tools is a technology that tries to detect and stop sensitive data breaches, or data leakage incidents, in an organization.
DLP tools can help to protect the data from being disclosed to an unauthorized person, whether it is deliberate or accidental. However, DLP tools do not prevent cyber intrusion itself, as they only focus on the data, not the system or network. Implementing network segregation is a method to divide a network into smaller segments or subnetworks, each with its own security policies and controls. Network segregation can help to isolate and contain the impact of a cyber intrusion, as well as to limit the access and movement of the attackers within the network. However, network segregation does not prevent cyber intrusion from occurring, as it does not address the vulnerabilities or flaws in the system or network. References = CRISC Review Manual, pages
164-1651; CRISC Review Questions, Answers & Explanations Manual, page 902; What Are Security Controls? - F53; Assessing Security Controls: Keystone of the Risk Management ... - ISACA4

Section: Volume B
Explanation:
Articulating risk is the first phase in the risk response process to ensure that information on the true state of exposures and opportunities are made available in a timely manner and to the right people for appropriate response. Following are the tasks that are involved in articulating risk:
* Communicate risk analysis results.
* Report risk management activities and the state of compliance.
* Interpret independent risk assessment findings.
* Identify business opportunities.
Incorrect Answers:
B: Risk mitigation attempts to reduce the probability of a risk event and its impacts to an acceptable level. Risk mitigation can utilize various forms of control carefully integrated together. This comes under risk response process and is latter stage after articulating risk.
C: Tracking risk is the process of tracking the ongoing status of risk mitigation processes. This tracking ensures that the risk response strategy remains active and that proposed controls are implemented according to schedule.
D: This is not related to risk response process. It is a type of risk. Reporting risks are the risks that are caused due to wrong reporting which leads to bad decision.