CRISC Certified in Risk and Information Systems Control – Question553

An unauthorized individual has socially engineered entry into an organization’s secured physical premises. Which of the following is the BEST way to prevent future occurrences?

A. Require security access badges
B. Employ security guards
C. Install security cameras
D. Conduct security awareness training

Correct Answer: D

CRISC Certified in Risk and Information Systems Control – Question552

Which of the following should be management’s PRIMARY consideration when approving risk response action plans?

A. Prioritization for implementing the action plans
B. Ability of the action plans to address multiple risk scenarios
C. Ease of implementing the risk treatment solution
D. Changes in residual risk after implementing the plans

Correct Answer: A

CRISC Certified in Risk and Information Systems Control – Question550

When evaluating enterprise IT risk management, it is MOST important to:

A. create new control processes to reduce identified IT risk scenarios
B. review alignment with the organization’s investment plan
C. report identified IT risk scenarios to senior management
D. confirm the organization’s risk appetite and tolerance

Correct Answer: B

CRISC Certified in Risk and Information Systems Control – Question549

An organization uses a vendor to destroy hard drives. Which of the following would BEST reduce the risk of data leakage?

A. Implement an encryption policy for the hard drives
B. Require the vendor to degauss the hard drives
C. Use an accredited vendor to dispose of the hard drives
D. Require confirmation of destruction from the IT manager

Correct Answer: D

CRISC Certified in Risk and Information Systems Control – Question547

In response to the threat of ransomware, an organization has implemented cybersecurity awareness activities. The risk practitioner’s BEST recommendation to further reduce the impact of ransomware attacks would be to implement:

A. encryption for data at rest
B. encryption for data in motion
C. two-factor authentication
D. continuous data backup controls

Correct Answer: D

CRISC Certified in Risk and Information Systems Control – Question546

Which of the following is the BEST key performance indicator (KPI) to measure the maturity of an organization’s security incident handling process?

A. The number of resolved security incidents
B. The number of security incidents escalated to senior management
C. The number of newly identified security incidents
D. The number of recurring security incidents

Correct Answer: D

CRISC Certified in Risk and Information Systems Control – Question545

Participants in a risk workshop have become focused on the financial cost to mitigate risk rather than choosing the most appropriate response. Which of the following is the BEST way to address this type of issue in the long term?

A. Review the risk register and risk scenarios
B. Calculate annualized loss expectancy of risk scenarios
C. Raise the maturity of organizational risk management
D. Perform a return on investment analysis

Correct Answer: B