Risk Management

Question 1

Risk assessment frequency

Answer 1

The regularity where risk assessments are performed

Question 2

Frequency Ad Hoc

Answer 2

Conducting when needed

Question 3

Frequency recurring

Answer 3

Conducting at regular intervals

Question 4

Frequency one-time

Answer 4

Conducting for a specific purpose and not repeated

Question 5

Frequency continuous

Answer 5

Continuous

Question 6

Risk Identification

Answer 6

Recognizing potential risks that can negatively impact an organization

Question 7

Business Impact Analysis

Answer 7

Process of evaluating the potential effects of disruption to the functions and processes

Question 8

Recovery Time Objective

Answer 8

The maximum length of time that can elapse before the shutdown affects you

Question 9

Recovery Point Objective

Answer 9

The maximum acceptable amount of data loss measured in time

Question 10

Mean Time to Repair (MTTR)

Answer 10

The average time required to repair a failed component

Question 11

Mean Time Between Failures

Answer 11

The average time between failures

Question 12

Risk Register

Answer 12

Document detailing identified risks including description, impact, likelihood, and mitigation strategies

Question 13

Risk Register Description

Answer 13

The what of the risk

Question 14

Risk Register Impact

Answer 14

The consequence of the risk

Question 15

Risk Register Likelihood\Probability

Answer 15

The chance of the risk happening

Question 16

Risk Register Outcome

Answer 16

The result of the risk

Question 17

Risk Register Level\Threshold

Answer 17

Combining the Impact and Likelihood

Question 18

Risk Register Cost

Answer 18

The Financial Impact

Question 19

Risk Register Tolerance\Acceptance

Answer 19

How much the organization is willing to deal with uncertainty

Question 20

Risk Register Appetite

Answer 20

the amount and type of risk an organization is willing to take

Question 21

Key Risk Indicator (KRIs)

Answer 21

Predictive measurements to signal rising risk levels

Question 22

Risk Owner

Answer 22

The person or group responsible for managing the risk

Question 23

Qualitative Risk Analysis

Answer 23

Subjective and high-level view of risks; method of accessing risk based on their impact and the likelihood of occurrence

Question 24

Quantitative Risk Analysis

Answer 24

Objective and numerical view of risks

Question 25

Risk Management Transference

Answer 25

Transferring the risk to another

Question 26

Risk Management Acceptance

Answer 26

Recognizing and embracing the risk

Question 27

Risk Management Avoidance

Answer 27

Take actions to steer clear of risks

Question 28

Risk Management Mitigation

Answer 28

Taking steps to reduce the impact or likelihood

Question 29

Residual risk

Answer 29

Likelihood and impact after implementing strategies

Question 30

Third party vendor risk

Answer 30

Security and operation challenges introduced by external entities

Question 31

Managed service providers

Answer 31

Provides a range of technology services and support to business as clients; example Microsoft Office

Question 32

Supply Chain Attack

Answer 32

Targeting a weaker link to gain access to the primary target

Question 33

CHIPS Act

Answer 33

U.S. federal statute that provides roughly $280 billion in new funding to boost research and manufacturing of semiconductors in USA

Question 34

Vendor assessment

Answer 34

Process that organizations used to evaluate the security, reliability, and performance of external entities

Question 35

Penetration testing

Answer 35

Simulated cyberattack against a supplier system to check for vulnerabilities

Question 36

Internal audit

Answer 36

Vendor's self-assessment where they evaluate their own practices against industry standards

Question 37

Independent assessment

Answer 37

Evaluation conducted by third-party entities that leave no stake in the circle

Question 38

Vendor questionnaire

Answer 38

Documents that potential vendors fill out

Question 39

Rules of engagement

Answer 39

Guidelines that dictate the terms or interaction between vendor and organization

Question 40

Feedback loops

Answer 40

Is a two-way communication between vendor and organization

Question 41

Basic contracts

Answer 41

Establish the relationship of two parties service

Question 42

Service-level Agreement (SLA)

Answer 42

Standard of service a client can expect from a provider

Question 43

Memorandum of Agreement (MOA)

Answer 43

Formal and outlines the specific responsibilities of the roles of the involved

Question 44

Memorandum of Understanding (MOU)

Answer 44

Less binding and more of a declaration of intent

Question 45

Master-service Agreement (MSA)

Answer 45

Blanket agreement that covers the general terms of engagement between parties across multiple transactions

Question 46

Statement of work

Answer 46

Use the specified details for particular projects

Question 47

NDA

Answer 47

Its a nda

Question 48

Business Partnership Agreement

Answer 48

Two entities decide to pool the resources