Risk Flashcards

1
Q

___ is typically defined as the objective magnitude or amount of loss that an enterprise can tolerate without risking its continued existence

A

Risk Capacity

2
Q

___ is typically defined as the amount of risk, on a broad level, that an enterprise or other entity is willing to accept in pursuit of its mission (or vision) and the achievement of business objectives

A

Risk appetite

3
Q

What are the 3 lines of defense of risk?

A

1- Managing risk
2- Guiding, directing, influencing and/or assessing risk
3- Independent oversight, reviewing and monitoring risk

4
Q

What does RACI mean?

A

Responsible
Accountable
Consulted
Informed

5
Q
What is each role's RACI assignment for: Collect risk data
Senior Management
Steering committee (chair)
Department Managers
Risk Practitioners
A

Senior Management - I
Steering committee (chair) - R
Department Managers - C
Risk Practitioners - R

6
Q
What is each role's RACI assignment for: Deliver the risk report (not all letters are used)
Senior Management
Steering committee (chair)
Department Managers
Risk Practitioners
A

Senior Management - I
Steering committee (chair) - A
Department Managers - I
Risk Practitioners - R

7
Q
What is each role's RACI assignment for: Prioritize risk response
Senior Management
Steering committee (chair)
Department Managers
Risk Practitioners
A

Senior Management - A
Steering committee (chair) - I
Department Managers - R
Risk Practitioners - C

8
Q
What is each role's RACI assignment for: Monitor risk
Senior Management
Steering committee (chair)
Department Managers
Risk Practitioners
A

Senior Management - I
Steering committee (chair) - A
Department Managers - R
Risk Practitioners - C

9
Q

I&T-related risk is due to:

A
Ownership
Use
Operation
Involvement
Influence 
Adoption
10
Q

Types of I&T risk

A

Benefit/value enablement risk
Program and project delivery risk
IT operations and service-delivery risk
Cyber and information security risk

11
Q

The IT risk management workflow is

A

1- Context setting
2- Identification of assets, common risk factors and documenting risk.
3- Assessment. Assess and prioritize risk, creating risk scenarios.
4- Analysis. Qualitative and quantitative analysis of impact and probability.
5- Response and mitigation.
6- Monitoring, reporting and communicating to senior management.

12
Q

The 3 levels of risk are:

A

A) Operational
B) Program and project Risk of the bus strategic objectives
C) Strategic

13
Q

Managerial (administrative) controls are

A

related to the oversight, reporting, procedures and operations of a process

14
Q

Cyber and information security risk is related to

A

The danger, harm or loss related to the use of information and communications technology, electronic data and digital or electronic communications.

15
Q

An exploit is

A

An event where the attacker takes advantage of a vulnerability

16
Q

Likelihood is

A

The probability of something happening

17
Q

Magnitude is

A

A measure of the potential severity of loss or the potential gain from realized events/scenarios

18
Q

What covers the following:
Simulates attacks
Can be covert
Confirms exposures

A

Penetration testing

19
Q

What covers the following:
Can be manual or automated
Examines target environment
Identifies outdated equipment

A

Vulnerability Assessment

20
Q

Which of the following is the process to determine the significance of the risk:

a) Risk Evaluation
b) Risk assessment
c) risk analysis

A

a) Risk Evaluation

21
Q

Which is NOT one of the processes involved in the risk assessment process?
A) Documenting
B) aligning
C) Ranking

A

B) aligning

22
Q

_____ is a measure of operating performance and efficiency, computed in its simplest form by dividing net income by the total investment over the period being considered.

a) cost-benefit
b) return on investment
c) Net present value
d) Return on equity

A

b) return on investment

23
Q

Risk responses that involve investment need to be reinforced by a thorough and detailed business case, which includes all of the following except:
A) Justifies the expense of the investment
B) Explains the rationale for the selected response
C) Provides plan for continued support
D) Outlines alternatives

A

D) Outlines alternatives