Join the discussion
Question 19/190
You are the project manager for your company and a new change request has been approved for your project.
This change request, however, has introduced several new risks to the project. You have communicated these risk events and the project stakeholders understand the possible effects these risks could have on your project.
You elect to create a mitigation response for the identified risk events. Where will you record the mitigation response?
This change request, however, has introduced several new risks to the project. You have communicated these risk events and the project stakeholders understand the possible effects these risks could have on your project.
You elect to create a mitigation response for the identified risk events. Where will you record the mitigation response?
Correct Answer: A
Section: Volume B
Explanation:
The Identified risks and potential responses are documented in the risk register. A risk register is an inventory of risks and exposure associated with those risks. Risks are commonly found in project management practices, and provide information to identify, analyze, and manage risks. Typically a risk register contains:
* A description of the risk
* The impact should this event actually occur
* The probability of its occurrence
* Risk Score (the multiplication of Probability and Impact)
* A summary of the planned response should the event occur
* A summary of the mitigation (the actions taken in advance to reduce the probability and/or impact of the event)
* Ranking of risks by Risk Score so as to highlight the highest priority risks to all involved.
Incorrect Answers:
B: This is not a valid choice for this question
C: The project management plan is the parent of the risk management plan, but the best choice is the risk register.
D: The risk management plan is an input to the risk response planning, but it is not the best choice for this question
Explanation:
The Identified risks and potential responses are documented in the risk register. A risk register is an inventory of risks and exposure associated with those risks. Risks are commonly found in project management practices, and provide information to identify, analyze, and manage risks. Typically a risk register contains:
* A description of the risk
* The impact should this event actually occur
* The probability of its occurrence
* Risk Score (the multiplication of Probability and Impact)
* A summary of the planned response should the event occur
* A summary of the mitigation (the actions taken in advance to reduce the probability and/or impact of the event)
* Ranking of risks by Risk Score so as to highlight the highest priority risks to all involved.
Incorrect Answers:
B: This is not a valid choice for this question
C: The project management plan is the parent of the risk management plan, but the best choice is the risk register.
D: The risk management plan is an input to the risk response planning, but it is not the best choice for this question
Add Comments
- Other Question (190q)
- Q1. Which of the following risks is associated with not receiving the right information to the...
- Q2. Which of the following matrices is used to specify risk thresholds?...
- Q3. Which of the following is the MOST important use of KRIs?...
- Q4. Qualitative risk assessment uses which of the following terms for evaluating risk level? E...
- Q5. Which of the following come under the phases of risk identification and evaluation? Each c...
- Q6. Which of the following would BEST ensure that identified risk scenarios are addressed?...
- Q7. During an IT department reorganization, the manager of a risk mitigation action plan was r...
- Q8. Which of the following test is BEST to map for confirming the effectiveness of the system ...
- Q9. Which of the following is NOT true for Key Risk Indicators?...
- Q10. What should be considered while developing obscure risk scenarios? Each correct answer rep...
- Q11. Which of the following is MOST important to understand when determining an appropriate ris...
- Q12. Which of the following is the BEST key performance indicator (KPI) to measure the effectiv...
- Q13. Which of the following roles would be MOST helpful in providing a high-level view of risk ...
- Q14. You are the IT manager in Bluewell Inc. You identify a new regulation for safeguarding the...
- Q15. Which of the following would be the BEST way to help ensure the effectiveness of a data lo...
- Q16. Your company is covered under a liability insurance policy, which provides various liabili...
- Q17. Which of the following would BEST help to ensure that suspicious network activity is ident...
- Q18. Which of the following MOST effectively limits the impact of a ransomware attack?...
- Q19. You are the project manager for your company and a new change request has been approved fo...
- Q20. A risk practitioner identifies a database application that has been developed and implemen...
- Q21. You are the project manager of GHT project. Your hardware vendor left you a voicemail sayi...
- Q22. The PRIMARY advantage of involving end users in continuity planning is that they:...
- Q23. Effective risk communication BEST benefits an organization by:...
- Q24. Adrian is a project manager for a new project using a technology that has recently been re...
- Q25. Who should be responsible for implementing and maintaining security controls?...
- Q26. An IT organization is replacing the customer relationship management (CRM) system. Who sho...
- Q27. What is the BEST information to present to business control owners when justifying costs r...
- Q28. A multinational organization is considering implementing standard background checks to' al...
- Q29. Which of the following is the best reason for performing risk assessment?...
- Q30. Which among the following is the MOST crucial part of risk management process?...
- Q31. You are the project manager for your organization. You are preparing for the quantitative ...
- Q32. Which of the following is the MAIN reason for analyzing risk scenarios?...
- Q33. Who should be accountable for monitoring the control environment to ensure controls are ef...
- Q34. Which of the following characteristics of risk controls can be defined as under? "The sepa...
- Q35. What are the responsibilities of the CRO? Each correct answer represents a complete soluti...
- Q36. An IT risk practitioner has been asked to regularly report on the overall status and effec...
- Q37. What is the process for selecting and implementing measures to impact risk called?...
- Q38. You are the project manager for your company and a new change request has been approved fo...
- Q39. A business unit is updating a risk register with assessment results for a key project. Whi...
- Q40. You are the project manager for BlueWell Inc. You have noticed that the risk level in your...
- Q41. Reviewing which of the following provides the BEST indication of an organizations risk tol...
- Q42. Which of the following is MOST helpful in identifying gaps between the current and desired...
- Q43. You are elected as the project manager of GHT project. You are in project initialization p...
- Q44. Mary is a project manager in her organization. On her current project she is working with ...
- Q45. Your project is an agricultural-based project that deals with plant irrigation systems. Yo...
- Q46. An organization has granted a vendor access to its data in order to analyze customer behav...
- Q47. Malicious code protection is which type control?...
- Q48. The design of procedures to prevent fraudulent transactions within an enterprise resource ...
- Q49. An enterprise has identified risk events in a project. While responding to these identifie...
- Q50. A change management process has recently been updated with new testing procedures. The NEX...
- Q51. Which of the following statements are true for risk communication? Each correct answer rep...
- Q52. Which of the following practices MOST effectively safeguards the processing of personal da...
- Q53. When updating the risk register after a risk assessment, which of the following is MOST im...
- Q54. Which of the following is the BEST way of managing risk inherent to wireless network?...
- Q55. Which of the following BEST facilities the alignment of IT risk management with enterprise...
- Q56. You work as a project manager for BlueWell Inc. You are preparing to plan risk responses f...
- Q57. Which of the following would present the GREATEST challenge when assigning accountability ...
- Q58. Which of the following BEST measures the efficiency of an incident response process?...
- Q59. Which of the following is an administrative control?...
- Q60. Which of the following will be MOST effective to mitigate the risk associated with the los...
- Q61. An organization delegates its data processing to the internal IT team to manage informatio...
- Q62. You are the project manager of the NKJ Project for your company. The project's success or ...
- Q63. Fred is the project manager of a large project in his organization. Fred needs to begin pl...
- Q64. Which is the MOST important parameter while selecting appropriate risk response?...
- Q65. Suppose you are working in Techmart Inc. which sells various products through its website....
- Q66. What is the value of exposure factor if the asset is lost completely?...
- Q67. When it appears that a project risk is going to happen, what is this term called?...
- Q68. Which of the following is the MOST effective inhibitor of relevant and efficient communica...
- Q69. During a control review, the control owner states that an existing control has deteriorate...
- Q70. Which of the following is the BEST way to validate the results of a vulnerability assessme...
- Q71. Which of the following BEST enables the identification of trends in risk levels?...
- Q72. Which of the following controls focuses on operational efficiency in a functional area sti...
- Q73. Which of the following is MOST helpful in verifying that the implementation of a risk miti...
- Q74. Which of the following is the PRIMARY reason for monitoring activities performed in a prod...
- Q75. Which of the following is the MOST important reason to create risk scenarios?...
- Q76. Which among the following acts as a trigger for risk response process?...
- Q77. You are working in an enterprise. You project deals with important files that are stored o...
- Q78. What activity should be done for effective post-implementation reviews during the project?...
- Q79. You are the project manager of GHT project. You have analyzed the risk and applied appropr...
- Q80. You are the product manager in your enterprise. You have identified that new technologies,...
- Q81. Tom works as a project manager for BlueWell Inc. He is determining which risks can affect ...
- Q82. Which of the following is a risk practitioner's MOST important responsibility in managing ...
- Q83. An organization has raised the risk appetite for technology risk. The MOST likely result w...
- Q84. You are the risk official at Bluewell Inc. There are some risks that are posing threat on ...
- Q85. Which of the following is MOST important when developing key performance indicators (KPIs)...
- Q86. A risk practitioner is organizing a training session to communicate risk assessment method...
- Q87. Which of the following would BEST mitigate the risk associated with reputational damage fr...
- Q88. An organization has been notified that a disgruntled, terminated IT administrator has trie...
- Q89. Which of the following components of risk scenarios has the potential to generate internal...
- Q90. Which of the following is the BEST method for assessing control effectiveness?...
- Q91. You work as a project manager for BlueWell Inc. You are preparing for the risk identificat...
- Q92. You are the project manager for TTP project. You are in the Identify Risks process. You ha...
- Q93. You are the project manager of HGT project. You are in the first phase of the risk respons...
- Q94. Fred is the project manager of a large project in his organization. Fred needs to begin pl...
- Q95. An interruption in business productivity is considered as which of the following risks?...
- Q96. Which of the following BEST ensures that a firewall is configured in compliance with an en...
- Q97. Implementing which of the following controls would BEST reduce the impact of a vulnerabili...
- Q98. Which of the following BEST enables the risk profile to serve as an effective resource to ...
- Q99. Your project is an agricultural-based project that deals with plant irrigation systems. Yo...
- Q100. When developing a new risk register, a risk practitioner should focus on which of the foll...
- Q101. Henry is the project sponsor of the JQ Project and Nancy is the project manager. Henry has...
- Q102. Of the following, who is accountable for ensuing the effectiveness of a control to mitigat...
- Q103. You are the project manager of HJT project. You want to measure the operational effectiven...
- Q104. You are the project manager of GHT project. You identified a risk of noncompliance with re...
- Q105. Which of the following criteria associated with key risk indicators (KRIs) BEST enables ef...
- Q106. Which of the following techniques examines the degree to which organizational strengths of...
- Q107. Which of the following risks refer to probability that an actual return on an investment w...
- Q108. Which of the following is the BEST indicator of the effectiveness of IT risk management pr...
- Q109. When assessing the maturity level of an organization's risk management framework, which of...
- Q110. Which of the following would provide the BEST guidance when selecting an appropriate risk ...
- Q111. According to the Section-302 of the Sarbanes-Oxley Act of 2002, what does certification of...
- Q112. Which of the following roles would be MOST helpful in providing a high-level view of risk ...
- Q113. Which of the following BEST supports ethical IT risk management practices?...
- Q114. You are the project manager of the QPS project. You and your project team have identified ...
- Q115. You are using Information system. You have chosen a poor password and also sometimes trans...
- Q116. Which of the following processes is described in the statement below? "It is the process o...
- Q117. Which of the following is necessary to enable an IT risk register to be consolidated with ...
- Q118. How residual risk can be determined?
- Q119. Which of the following is the BEST indication of an improved risk-aware culture following ...
- Q120. In which of the following risk management capability maturity levels risk appetite and tol...
- Q121. Which of the following considerations should be taken into account while selecting risk in...
- Q122. Which of the following should be the PRIMARY objective of a risk awareness training progra...
- Q123. Which of the following role carriers will decide the Key Risk Indicator of the enterprise?...
- Q124. The BEST key performance indicator (KPI) to measure the effectiveness of a vendor risk man...
- Q125. What type of policy would an organization use to forbid its employees from using organizat...
- Q126. Which of the following is the BEST indicator of an effective IT security awareness program...
- Q127. John is the project manager of the HGH Project for her company. He and his project team ha...
- Q128. You are working as the project manager of the ABS project. The project is for establishing...
- Q129. Judy has identified a risk event in her project that will have a high probability and a hi...
- Q130. Which among the following acts as a trigger for risk response process?...
- Q131. The PRIMARY reason for periodically monitoring key risk indicators (KRIs) is to:...
- Q132. Which of the following provides the MOST useful information when determining if a specific...
- Q133. Which of the following is the BEST way for a risk practitioner to help management prioriti...
- Q134. An IT department has provided a shared drive for personnel to store information to which a...
- Q135. Implementing which of the following will BEST help ensure that systems comply with an esta...
- Q136. According to the Section-302 of the Sarbanes-Oxley Act of 2002, what does certification of...
- Q137. You are the project manager of GHT project. You want to perform post-project review of you...
- Q138. A risk assessment has identified that an organization may not be in compliance with indust...
- Q139. Which of the following techniques examines the degree to which organizational strengths of...
- Q140. Your project spans the entire organization. You would like to assess the risk of your proj...
- Q141. A service provider is managing a client's servers. During an audit of the service, a nonco...
- Q142. An internal audit report reveals that not all IT application databases have encryption in ...
- Q143. Which of the following will BEST support management reporting on risk?...
- Q144. Which of the following would BEST mitigate the risk associated with reputational damage fr...
- Q145. Which of the following sources is MOST relevant to reference when updating security awaren...
- Q146. You are the project manager of GHT project. Your hardware vendor left you a voicemail sayi...
- Q147. Which of the following are sub-categories of threat? Each correct answer represents a comp...
- Q148. Which of the following statements BEST describes policy?...
- Q149. Which of the following statements are true for risk communication? Each correct answer rep...
- Q150. Which of the following risk responses include feedback and guidance from well-qualified ri...
- Q151. Which of the following is the GREATEST benefit to an organization when updates to the risk...
- Q152. Mary is a project manager in her organization. On her current project she is working with ...
- Q153. Which of the following is MOST important to review when determining whether a potential IT...
- Q154. Suppose you are working in Company Inc. and you are using risk scenarios for estimating th...
- Q155. An identified high probability risk scenario involving a critical, proprietary business fu...
- Q156. Which of the following process ensures that extracted data are ready for analysis?...
- Q157. Which of the following management action will MOST likely change the likelihood rating of ...
- Q158. Which of the following BEST ensures that a firewall is configured in compliance with an en...
- Q159. Which of the following BEST measures the impact of business interruptions caused by an IT ...
- Q160. The best way to test the operational effectiveness of a data backup procedure is to:...
- Q161. You are the project manager of GHT project. You have analyzed the risk and applied appropr...
- Q162. Which of the following is the FOREMOST root cause of project risk? Each correct answer rep...
- Q163. Following a review of a third-party vendor, it is MOST important for an organization to en...
- Q164. Which of the following process ensures that extracted data are ready for analysis?...
- Q165. An organization has raised the risk appetite for technology risk. The MOST likely result w...
- Q166. After a risk has been identified, who is in the BEST position to select the appropriate ri...
- Q167. Before assigning sensitivity levels to information it is MOST important to:...
- Q168. What information is MOST helpful to asset owners when classifying organizational assets fo...
- Q169. An organization is considering adopting artificial intelligence (Al). Which of the followi...
- Q170. Billy is the project manager of the HAR Project and is in month six of the project. The pr...
- Q171. When evaluating enterprise IT risk management it is MOST important to:...
- Q172. Which of the following would be an IT business owner's BEST course of action following an ...
- Q173. An organization has outsourced its IT security operations to a third party. Who is ULTIMAT...
- Q174. A risk practitioner has determined that a key control does not meet design expectations. W...
- Q175. Which of the following is MOST important for a risk practitioner to consider when evaluati...
- Q176. An IT risk threat analysis is BEST used to establish...
- Q177. All business units within an organization have the same risk response plan for creating lo...
- Q178. You are the project manager of the GHY Project for your company. You need to complete a pr...
- Q179. The MOST important reason to monitor key risk indicators (KRIs) is to help management:...
- Q180. What are the requirements of effectively communicating risk analysis results to the releva...
- Q181. You are the project manager of GHT project. A risk event has occurred in your project and ...
- Q182. It is MOST important to the effectiveness of an IT risk management function that the assoc...
- Q183. Which of the following should an organization perform to forecast the effects of a disaste...
- Q184. Which of the following test is BEST to map for confirming the effectiveness of the system ...
- Q185. Which of the following activities would BEST contribute to promoting an organization-wide ...
- Q186. You are the risk professional in Bluewell Inc. You have identified a risk and want to impl...
- Q187. FISMA requires federal agencies to protect IT systems and data. How often should complianc...
- Q188. Which of the following is MOST important to compare against the corporate risk profile?...
- Q189. Which of the following is the BEST method for identifying vulnerabilities?...
- Q190. Which of the following is the BEST key performance indicator (KPI) to measure the effectiv...
