CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CRISC—Certified in Risk and Information Systems Control Certification Questions and answer - Part 2
1. You work as a project manager for BlueWell Inc. You are about to complete the quantitative risk analysis process for your project. You can use three available tools and techniques to complete this process. Which one of the following is NOT a tool or technique that is appropriate for the quantitative risk analysis process?
A) Data gathering and representation techniques
B) Expert judgment
C) Quantitative risk analysis and modeling techniques
D) Organizational process assets
2. Which of the following is the PRIMARY requirement before choosing Key performance indicators of an enterprise?
A) Determine size and complexity of the enterprise
B) Prioritize various enterprise processes
C) Determine type of market in which the enterprise operates
D) Enterprise must establish its strategic and operational goals
3. You are the project manager of project for a client. The client has promised your company a bonus, if the project is completed early. After studying the project work, you elect to crash the project in order to realize the early end date. This is an example of what type of risk response?
A) Negative risk response, because crashing will add risks.
B) Positive risk response, as crashing is an example of enhancing.
C) Positive risk response, as crashing is an example of exploiting.
D) Negative risk response, because crashing will add costs.
4. Judy has identified a risk event in her project that will have a high probability and a high impact. Based on the requirements of the project, Judy has asked to change the project scope to remove the associated requirement and the associated risk. What type of risk response is this?
A) Exploit
B) Not a risk response, but a change request
C) Avoidance
D) Transference
5. You are the risk professional of your enterprise. You have performed cost and benefit analysis of control that you have adopted. What are all the benefits of performing cost and benefit analysis of control? Each correct answer represents a complete solution. Choose three.(Select 3answers)
A) It helps in determination of the cost of protecting what is important
B) It helps in taking risk response decisions
C) It helps in providing a monetary impact view of risk
D) It helps making smart choices based on potential risk mitigation costs and losses
A) Data gathering and representation techniques
B) Expert judgment
C) Quantitative risk analysis and modeling techniques
D) Organizational process assets
2. Which of the following is the PRIMARY requirement before choosing Key performance indicators of an enterprise?
A) Determine size and complexity of the enterprise
B) Prioritize various enterprise processes
C) Determine type of market in which the enterprise operates
D) Enterprise must establish its strategic and operational goals
3. You are the project manager of project for a client. The client has promised your company a bonus, if the project is completed early. After studying the project work, you elect to crash the project in order to realize the early end date. This is an example of what type of risk response?
A) Negative risk response, because crashing will add risks.
B) Positive risk response, as crashing is an example of enhancing.
C) Positive risk response, as crashing is an example of exploiting.
D) Negative risk response, because crashing will add costs.
4. Judy has identified a risk event in her project that will have a high probability and a high impact. Based on the requirements of the project, Judy has asked to change the project scope to remove the associated requirement and the associated risk. What type of risk response is this?
A) Exploit
B) Not a risk response, but a change request
C) Avoidance
D) Transference
5. You are the risk professional of your enterprise. You have performed cost and benefit analysis of control that you have adopted. What are all the benefits of performing cost and benefit analysis of control? Each correct answer represents a complete solution. Choose three.(Select 3answers)
A) It helps in determination of the cost of protecting what is important
B) It helps in taking risk response decisions
C) It helps in providing a monetary impact view of risk
D) It helps making smart choices based on potential risk mitigation costs and losses
1. Right Answer: D
Explanation: Organizational process asset is not a tool and technique, but an input to the quantitative risk analysis process. Quantitative Risk Analysis is a process to assess the probability of achieving particular project objectives, to quantify the effect of risks on the whole project objective, and to prioritize the risks based on the impact to overall project risk. Quantitative Risk Analysis process analyzes the affect of a risk event deriving a numerical value. It also presents a quantitative approach to build decisions in the presence of uncertainty. The inputs for Quantitative Risk Analysis are: Organizational process assets Project Scope Statement Risk Management Plan Risk Register Project Management PlanIncorrect Answers:A: Data gathering and representation technique is a tool and technique for the quantitative risk analysis process.B: Expert judgment is a tool and technique for the quantitative risk analysis process.C: Quantitative risk analysis and modeling techniques is a tool and technique for the quantitative risk analysis process.
2. Right Answer: D
Explanation: Key Performance Indicators is a set of measures that a company or industry uses to measure and/or compare performance in terms of meeting their strategic and operational goals. KPIs vary with company to company, depending on their priorities or performance criteria.A company must establish its strategic and operational goals and then choose their KPIs which can best reflect those goals. For example, if a software company's goal is to have the fastest growth in its industry, its main performance indicator may be the measure of its annual revenue growth.Incorrect Answers:A: Determination of size and complexity of the enterprise is the selection criteria of the KRI, not KPI. KPI does not have any relevancy with size and complexity of the enterprise.B: This is not the valid answer.C: Type of market in which the enterprise is operating do not affect the selection of KPIs.
3. Right Answer: B
Explanation: This is a positive risk response, as crashing is an example of enhancing. You are enhancing the probability of finishing the project early to realize the reward of bonus. Enhancing doesn't ensure positive risks, but it does increase the likelihood of the event.Incorrect Answers:A: Crashing is a positive risk response. Generally, crashing doesn't add risks and is often confused with other predominant schedule compression techniques of fast tracking - which does add risks.C: This isn't an example of exploiting. Exploiting is an action to take advantage of a positive risk response that will happen.D: Crashing does add costs, but in this instance, crashing is an example of the positive risk response of enhancing.
4. Right Answer: C
Explanation: Risk avoidance involves changing the project management plan to eliminate the threat entirely. The project manager may also isolate the project objectives from the risk's impact or change the objective that is in jeopardy. Examples of this include extending the schedule, changing the strategy, or reducing the scope. The most radical avoidance strategy is to shut down the project entirely. Some risks that arise early in the project can be avoided by clarifying requirements, obtaining information, improving communication, or acquiring expertise.Incorrect Answers:A: Exploit risk response is used for positive risk or opportunity, not for negative risk.B: This risk response does require a change request, in some instances, but it's the avoidance risk response and not just a change request.D: Transference allows the risk to be transferred, not removed from the project, to a third party. Transference usually requires a contractual relationship with the third party.
5. Right Answer: A,C,D
Explanation:
Explanation: Organizational process asset is not a tool and technique, but an input to the quantitative risk analysis process. Quantitative Risk Analysis is a process to assess the probability of achieving particular project objectives, to quantify the effect of risks on the whole project objective, and to prioritize the risks based on the impact to overall project risk. Quantitative Risk Analysis process analyzes the affect of a risk event deriving a numerical value. It also presents a quantitative approach to build decisions in the presence of uncertainty. The inputs for Quantitative Risk Analysis are: Organizational process assets Project Scope Statement Risk Management Plan Risk Register Project Management PlanIncorrect Answers:A: Data gathering and representation technique is a tool and technique for the quantitative risk analysis process.B: Expert judgment is a tool and technique for the quantitative risk analysis process.C: Quantitative risk analysis and modeling techniques is a tool and technique for the quantitative risk analysis process.
2. Right Answer: D
Explanation: Key Performance Indicators is a set of measures that a company or industry uses to measure and/or compare performance in terms of meeting their strategic and operational goals. KPIs vary with company to company, depending on their priorities or performance criteria.A company must establish its strategic and operational goals and then choose their KPIs which can best reflect those goals. For example, if a software company's goal is to have the fastest growth in its industry, its main performance indicator may be the measure of its annual revenue growth.Incorrect Answers:A: Determination of size and complexity of the enterprise is the selection criteria of the KRI, not KPI. KPI does not have any relevancy with size and complexity of the enterprise.B: This is not the valid answer.C: Type of market in which the enterprise is operating do not affect the selection of KPIs.
3. Right Answer: B
Explanation: This is a positive risk response, as crashing is an example of enhancing. You are enhancing the probability of finishing the project early to realize the reward of bonus. Enhancing doesn't ensure positive risks, but it does increase the likelihood of the event.Incorrect Answers:A: Crashing is a positive risk response. Generally, crashing doesn't add risks and is often confused with other predominant schedule compression techniques of fast tracking - which does add risks.C: This isn't an example of exploiting. Exploiting is an action to take advantage of a positive risk response that will happen.D: Crashing does add costs, but in this instance, crashing is an example of the positive risk response of enhancing.
4. Right Answer: C
Explanation: Risk avoidance involves changing the project management plan to eliminate the threat entirely. The project manager may also isolate the project objectives from the risk's impact or change the objective that is in jeopardy. Examples of this include extending the schedule, changing the strategy, or reducing the scope. The most radical avoidance strategy is to shut down the project entirely. Some risks that arise early in the project can be avoided by clarifying requirements, obtaining information, improving communication, or acquiring expertise.Incorrect Answers:A: Exploit risk response is used for positive risk or opportunity, not for negative risk.B: This risk response does require a change request, in some instances, but it's the avoidance risk response and not just a change request.D: Transference allows the risk to be transferred, not removed from the project, to a third party. Transference usually requires a contractual relationship with the third party.
5. Right Answer: A,C,D
Explanation:
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment