CRISC Certified in Risk and Information Systems Control – Question005
You are the risk official in Bluewell Inc. You are supposed to prioritize several risks. A risk has a rating for occurrence, severity, and detection as 4, 5, and 6, respectively. What Risk Priority Number (RPN) you would give to it? A. 120 B. 100 C. 15 D. 30
Correct Answer: A
Explanation:
Explanation:
Steps involving in calculating risk priority number are as follows:
Identify potential failure effects
Identify potential causes
Establish links between each identified potential cause
Identify potential failure modes
Assess severity, occurrence and detection
Perform score assessments by using a scale of 1 -10 (low to high rating) to score these assessments.
Compute the RPN for a particular failure mode as Severity multiplied by occurrence and detection. RPN = Severity * Occurrence * Detection
Hence, RPN = 4 * 5 * 6
= 120
Incorrect Answers: B, C, D: These are not RPN for given values of severity, occurrence, and detection.
Please disable your adblocker or whitelist this site!