18 Practice Quiz – Part 1

Which of the following is not a component of the risk management process?
1. Risk identification
2. Risk analysis
3. Risk acceptance
4. Risk elimination

Answer: D. Risk elimination.

Risk elimination is not a component of the risk management process because it is not always possible to eliminate all risks, and attempting to do so may not be feasible. The other options – risk identification, risk analysis, and risk acceptance – are all important components of the risk management process.

What is the purpose of a risk assessment?
1. To identify vulnerabilities in the system
2. To determine the impact of a potential risk event
3. To evaluate the effectiveness of existing controls
4. All of the above

Answer: D. All of the above.

The purpose of a

Get ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide by Shobhit Mehta

18

Practice Quiz – Part 1

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly