1. Right Answer: A
Explanation: For effective post-implementation review the business measurements up front is established during the project.Incorrect Answers:B: Executing sufficient number of business cycles in the new system is done after the completion of the project.C, D: Identifying the information to be reviewed and information collected during each stage of project is done in pre-project phase and not during project for effective post-implementation review.

2. Right Answer: A
Explanation: Risk assessment is a process of analyzing the identified risk, both quantitatively and qualitatively. Quantitative risk assessment requires calculations of two components of risk, the magnitude of the potential loss, and the probability that the loss will occur. While qualitatively risk assessment checks the severity of risk.Hence risk assessment helps in determining the present state of the risk.Incorrect Answers:B: Analyzing the effect of risk on an enterprise is the part of the process while performing risk assessment, but is not the reason for doing it.C: Performing risk assessment may satisfy the regulatory requirements, but is not the reason to perform risk assessment.D: Budgeting appropriately is one the results of risk assessment but is not the reason for performing the risk assessment.

3. Right Answer: B
Explanation: This is categorized as a 'quick win' because the allocation of existing resources or a minor resource investment provides measurable benefits. Quick win is very effective and efficient response that addresses medium to high risk.Incorrect Answers:A: 'Business case to be made' requires careful analysis and management decisions on investments that are more expensive or difficult risk responses to medium to high risk. Here in this scenario, there is only minor investment that is why, it is not 'business case to be made'.C: Risk avoidance is a type of risk response and not risk response prioritization option.D: Deferral addresses costly risk response to a low risk, and hence in this specified scenario it is not used.

4. Right Answer: D
Explanation: Controls are the policies, procedures, practices and guidelines designed to provide appropriate assurance that business objectives are achieved and undesired events are detected, prevented, and corrected. Controls, or countermeasures, will reduce or neutralize threats or vulnerabilities.Controls have three primary objectives: Prevent Recover DetectIncorrect Answers:A, B, C: One or more objectives stated in these choices is not correct objective of control.

5. Right Answer: B
Explanation: The Communications Management Plan defines, in regard to risk management, who will be available to share information on risks and responses throughout the project.The Communications Management Plan aims to define the communication necessities for the project and how the information will be circulated. TheCommunications Management Plan sets the communication structure for the project. This structure provides guidance for communication throughout the project's life and is updated as communication needs change. The Communication Managements Plan identifies and defines the roles of persons concerned with the project. It includes a matrix known as the communication matrix to map the communication requirements of the project.Incorrect Answers:A: The Resource Management Plan does not define risk communications.C: The Risk Management Plan deals with risk identification, analysis, response, and monitoring.D: The stakeholder management strategy does not address risk communications.