Free Access ISACA.CRISC.v2025-07-19.q999 Practice Test (Page 191)

Question 946

Who should be responsible (of evaluating the residual risk after a compensating control has been

A.Risk practitioner

B.Risk owner

C.Compliance manager

D.Control owner

Question 947

Which of the following is the BEST approach for selecting controls to minimize risk?

A.Control-effectiveness evaluation

B.Industry best practice review

C.Risk assessment

D.Cost-benefit analysis

Question 948

A risk practitioner has identified that the agreed recovery time objective (RTO) with a Software as a Service (SaaS) provider is longer than the business expectation. Which ot the following is the risk practitioner's BEST course of action?

A.Collaborate with the risk owner to determine the risk response plan.

B.Document the gap in the risk register and report to senior management.

C.Include a right to audit clause in the service provider contract.

D.Advise the risk owner to accept the risk.

Question 949

Several network user accounts were recently created without the required management approvals. Which of the following would be the risk practitioner's BEST recommendation to address this situation?

A.Investigate the root cause of noncompliance.

B.Declare a security breach and inform management.

C.Develop incident response procedure for noncompliance.

D.Conduct a comprehensive compliance review.

Question 950

An organization's HR department has implemented a policy requiring staff members to take a minimum of five consecutive days leave per year to mitigate the risk of malicious insider activities. Which of the following is the BEST key performance indicator (KPI) of the effectiveness of this policy?

A.Number of malicious activities occurring during staff members' leave

B.Percentage of staff members seeking exception to the policy

C.Financial loss incurred due to malicious activities during staff members' leave

D.Percentage of staff members taking leave according to the policy

Other Version: 6471ISACA.CRISC.v2024-09-11.q999; 7512ISACA.CRISC.v2022-10-10.q527; 12549ISACA.CRISC.v2022-08-23.q834; 15322ISACA.CRISC.v2022-05-05.q821; 66ISACA.Examboosts.CRISC.v2021-09-26.by.erica.460q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 148Salesforce.Data-Architect.v2025-09-05.q216; 143Adobe.AD0-E605.v2025-09-05.q50

Question 946

Question 947

Question 948

Question 949

Question 950

Download PDF File