高品質なCRISC関連日本語版問題集試験-試験の準備方法-権威のあるCRISC受験料過去問当社ISACAのCRISC学習教材は、複数のエクスペリエンスモードを提供できます。3つの主要なモードから選択できます:PDF、ソフトウェア、オンライン。 まず、CertJukenPDFバージョンは印刷可能です。 第二に、CRISC試験問題のソフトウェアバージョンでは、実際の試験環境をシミュレートして、試験体験をより鮮明にできます。 第三に、オンライン版はすべてのWebブラウザをサポートしているため、すべてのオペレーティングシステムで動作します。 また、CRISC学習教材は、よりリラックスした学習環境でCRISC試験に合格するのに役立ちます。 ISACA Certified in Risk and Information Systems Control 認定 CRISC 試験問題 (Q679-Q684):質問 # 679
You are the product manager in your enterprise. You have identified that new technologies, products and services are introduced in your enterprise time-to-time. What should be done to prevent the efficiency and effectiveness of controls due to these changes?
A. Add more controls
B. Nothing, efficiency and effectiveness of controls are not affected by these changes
C. Receive timely feedback from risk assessments and through key risk indicators, and update controls
D. Explanation:
As new technologies, products and services are introduced, compliance requirements become more complex and strict; business processes and related information flows change over time. These changes can often affect the efficiency and effectiveness of controls. Formerly effective controls become inefficient, redundant or obsolete and have to be removed or replaced. Therefore, the monitoring process has to receive timely feedback from risk assessments and through key risk indicators (KRIs) to ensure an effective control life cycle.
E. Perform Business Impact Analysis (BIA)
正解:C
解説:
is incorrect. Efficiency and effectiveness of controls are not affected by the changes in technology or product, so some measure should be taken. Answer: B is incorrect. Most of the time, the addition of controls results in degradation of the efficiency and profitability of a process without adding an equitable level of corresponding risk mitigation, hence better controls are adopted in place of adding more controls. Answer: C is incorrect. A BIA is a discovery process meant to uncover the inner workings of any process. It helps to identify about actual procedures, shortcuts, workarounds and the types of failure that may occur. It involves determining the purpose of the process, whoperforms the process and its output. It also involves determining the value of the process output to the enterprise.
質問 # 680
Which of the following is MOST helpful in defining an early-warning threshold associated with insufficient network bandwidth''
A. Peak bandwidth usage
B. Average bandwidth usage
C. Bandwidth used during business hours
D. Total bandwidth usage
正解:B
質問 # 681
A review of an organization s controls has determined its data loss prevention {DLP) system is currently failing to detect outgoing emails containing credit card data. Which of the following would be MOST impacted?
A. Risk appetite
B. Inherent risk
C. Key risk indicators (KRls)
D. Residual risk
正解:D
質問 # 682
An organization has built up its cash reserves and has now become financially able to support additional risk
while meeting its objectives. What is this change MOST likely to impact?
A. Risk profile
B. Risk indicators
C. Risk capacity
D. Risk tolerance
正解:C
解説:
Risk capacity is the amount of risk that an organization can financially afford to take, without jeopardizing its
ability to meet its objectives or obligations. Risk capacity is determined by factors such as the organization's
income, assets, liabilities, and cash flow. An organization that has built up its cash reserves has increased its
risk capacity, as it has more financial resources and flexibility to support additional risk. This may enable the
organization to pursue more opportunities or initiatives that involve higher risk and higher reward.
Risk profile is a summary of the key risks that an organization faces, and their implications for the
organization's objectives and strategy. Risk profile may change due to factors such as new technologies,
business initiatives, or external events, but not necessarily due to changes in cash reserves.
Risk indicators are metrics or indicators that help to monitor and evaluate the likelihood or impact of a risk, or
the effectiveness or efficiency of a control. Risk indicators may vary depending on the risk sources, scenarios,
or responses, but not necessarily due to changes in cash reserves.
Risk tolerance is the amount of risk that an organization is willing to accept, based on its risk appetite and risk
capacity. Risk tolerance is influenced by factors such as the organization's culture, values, and objectives, as
well as the risk environment and expectations. Risk tolerance may change due to changes in cash reserves, but
it is not the most likely impact, as it also depends on the organization's risk appetite and other factors.
質問 # 683
Which of following is NOT used for measurement of Critical Success Factors of the project?
A. Customer service
B. Productivity
C. Quality
D. Quantity
正解:D
解説:
Section: Volume A
Explanation:
Incorrect Answers:
A, B, D: Productivity, quality and customer service are used for evaluating critical service factor of any particular project.