You are the risk official in Techmart Inc. You are asked to perform risk assessment on the impact of losing a server. For this assessment you need to calculate monetary value of the server. On which of the following bases do you calculate monetary value? A. Cost to obtain replacement B. Original cost to acquire C. Annual loss expectancy D. Cost of software stored
Correct Answer: A
Explanation:
Explanation:
The monetary value of the server should be based on the cost of its replacement. However, the financial impact to the enterprise may be much broader, based on the function that the server performs for the business and the value it brings to the enterprise.
Incorrect Answers: B, C, D: Cost of software is not been counted because it can be restored from the back-up media. On the other hand’ Ale for all risk related to the server does not represent the server’s value. Lastly, the original cost may be significantly different from the current cost and, therefore, not relevant to this.
You are the project manager of your enterprise. While performing risk management, you are given a task to identify where your enterprise stands in certain practice and also to suggest the priorities for improvements. Which of the following models would you use to accomplish this task? A. Capability maturity model B. Decision tree model C. Fishbone model D. Simulation tree model
Correct Answer: A
Explanation:
Explanation: Capability maturity models are the models that are used by the enterprise to rate itself in terms of the least mature level (having nonexistent or unstructured processes) to the most mature (having adopted and optimized the use of good practices). The levels within a capability maturity model are designed to allow an enterprise to identify descriptions of its current and possible future states. In general, the purpose is to:
Identify, where enterprises are in relation to certain activities or practices.
Suggest how to set priorities for improvements
Incorrect Answers:
D: There is no such model exists in risk management process.
B: Decision tree analysis is a risk analysis tool that can help the project manager in determining the best risk response. The tool can be used to measure probability, impact, and risk exposure and how the selected risk response can affect the probability and/or impact of the selected risk event. It helps to form a balanced image of the risks and opportunities connected with each possible course of action. This makes them mostly useful for choosing between different strategies, projects, or investment opportunities particularly when the resources are limited. A decision tree is a decision support tool that uses a tree-like graph or model of decisions and their possible consequences, including chance event outcomes, resource costs, and utility.
C: Fishbone diagrams or Ishikawa diagrams shows the relationships between the causes and effects of problems.
Which of the following establishes mandatory rules, specifications and metrics used to measure compliance against quality, value, etc.? A. Framework B. Legal requirements C. Standard D. Practices
Correct Answer: C
Explanation:
Explanation:
Standard establishes mandatory rules, specifications and metrics used to measure compliance against quality, value, etc. Standards are usually intended for compliance purposes and to provide assurance to others who interact with a process or outputs of a process.
Incorrect Answers:
A: Frameworks are generally accepted, business-process-oriented structures that establish a common language and enable repeatable business processes.
B: These are legal rules underneath which project has to be.
D: Practices are frequent or usual actions performed as an application of knowledge. A leading practice would be defined as an action that optimally applies knowledge in a particular area. They are issued by a “recognized authority” that is appropriate to the subject matter. issuing bodies may include professional associations and academic institutions or commercial entities such as software vendors. They are generally based on a combination of research, expert insight and peer review.
Henry is the project sponsor of the JQ Project and Nancy is the project manager. Henry has asked Nancy to start the risk identification process for the project, but Nancy insists that the project team be involved in the process. Why should the project team be involved in the risk identification? A. So that the project team can develop a sense of ownership for the risks and associated risk responsibilities. B. So that the project manager can identify the risk owners for the risks within the project and the needed risk responses. C. So that the project manager isn't the only person identifying the risk events within the project. D. So that the project team and the project manager can work together to assign risk ownership.
Correct Answer: A
Explanation:
Explanation: The best answer to include the project team members is that they’ll need to develop a sense of ownership for the risks and associated risk responsibilities.
Incorrect Answers:
B: The reason to include the project team is that the project team needs to develop a sense of ownership for the risks and associated risk responsibilities, not to assign risk ownership and risk responses at this point.
C: While the project manager shouldn’t be the only person to identify the risk events, this isn’t the best answer.
D: The reason to include the project team is that the project team needs to develop a sense of ownership for the risks and associated risk responsibilities, not to assign risk ownership.
In which of the following risk management capability maturity levels does the enterprise takes major business decisions considering the probability of loss and the probability of reward? Each correct answer represents a complete solution. Choose two. A. Level 0 B. Level 2 C. Level 5 D. Level 4
Correct Answer: CD
Explanation:
Explanation: Enterprise having risk management capability maturity level 4 and 5 takes business decisions considering the probability of loss and the probability of reward, i.e., considering all the aspects of risk.
Incorrect Answers:
A: Enterprise having risk management capability maturity level 0 takes business decisions without considering risk credential information.
B: At this low level of risk management capability the enterprise takes decisions considering specific risk issues within functional and business silos (e.g., security, business continuity, operations).
You are working in an enterprise. Assuming that your enterprise periodically compares finished goods inventory levels to the perpetual inventories in its ERP system. What kind of information is being provided by the lack of any significant differences between perpetual levels and actual levels? A. Direct information B. Indirect information C. Risk management plan D. Risk audit information
Correct Answer: B
Explanation:
Explanation: The lack of any significant differences between perpetual levels and actual levels provides indirect information that its billing controls are operating. It does not provide any direct information.
Incorrect Answers:
A: It does not provide direct information as there is no information about the propriety of cutoff. C, D: These are not the types of information.
You are the project manager for the NHH project. You are working with your project team to examine the project from four different defined perspectives to increase the breadth of identified risks by including internally generated risks. What risk identification approach are you using in this example? A. Root cause analysis B. Influence diagramming techniques C. SWOT analysis D. Assumptions analysis
Correct Answer: C
Explanation:
Explanation: This is an example of SWOT analysis. SWOT analysis examines the strengths, weaknesses, opportunities, and threats within the project and generated from within the organization. SWOT stands for Strengths, Weaknesses, Opportunities, and Threats. It is a part of business policy that helps an individual or a company to make decisions. It includes the strategies to build the strength of a company and use the opportunities to make the company successful. It also includes the strategies to overcome the weaknesses of and threats to the company.
Incorrect Answers:
A: Root cause analysis examines causal factors for events within the project.
B: Influence diagramming techniques examines the relationships between things and events within the project.
D: Assumptions analysis does not use four pre-defined perspectives for review.
What is the FIRST phase of IS monitoring and maintenance process? A. Report result B. Prioritizing risks C. Implement monitoring D. Identifying controls
Correct Answer: B
Explanation:
Explanation:
Following are the phases that are involved in Information system monitoring and maintenance:
Prioritize risk: The first phase involves the prioritization of risk which in turn involves following task:
– Analyze and prioritize risks to organizational objectives.
– Identify the necessary application components and flow of information through the system.
– Examine and understand the functionality of the application by reviewing the application system documentation and interviewing appropriate personnel.
Identify controls: After prioritizing risk now the controls are identified, and this involves following tasks:
– Key controls are identified across the internal control system that addresses the prioritized risk.
– Applications control strength is identified.
– Impact of the control weaknesses is being evaluated.
– Testing strategy is developed by analyzing the accumulated information.
Identify information: Now the IS control information should be identified:
– Identify information that will persuasively indicate the operating effectiveness of the internal control system.
– Observe and test user performing procedures.
Implement monitoring: Develop and implement cost-effective procedures to evaluate the persuasive information.
Report results: After implementing monitoring process the results are being reported to relevant stakeholders.
Incorrect Answers: A, C, D: These all phases occur in IS monitoring and maintenance process after prioritizing risks.
Which of the following are parts of SWOT Analysis?
Each correct answer represents a complete solution. (Choose four.) A. Weaknesses B. Tools C. Threats D. Opportunities E. Strengths
Correct Answer: ACDE
Explanation:
Explanation:
SWOT analysis is a strategic planning method used to evaluate the Strengths, Weaknesses, Opportunities, and Threats involved in a project or in a business venture. It involves specifying the objective of the business venture or project and identifying the internal and external factors that are favorable and unfavorable to achieving that objective. The technique is credited to Albert Humphrey, who led a research project at Stanford University in the 1960s and 1970s using data from Fortune 500 companies.
Incorrect Answers:
B: Tools are not the parts of SWOT analysis.
Your project has several risks that may cause serious financial impact if they occur. You have studied the risk events and made some potential risk responses for the risk events but management wants you to do more. They'd like you to create some type of a chart that identified the risk probability and impact with a financial amount for each risk event. What is the likely outcome of creating this type of chart? A. Risk response plan B. Contingency reserve C. Risk response D. Quantitative analysis
Correct Answer: B
Explanation:
Explanation:
This chart is a probability-impact matrix in a quantitative analysis process. The probability and financial impact of each risk is learned through research, testing, and subject matter experts. The probability of the event is multiplied by the financial impact to create a risk event value for each risk. The sum of the risk event values will lead to the contingency reserve for the project.
Incorrect Answers:
A: The risk response plan is based on the risk responses, not the risk probability-impact matrix.
C: The risk responses are needed but this chart doesn’t help the project manager to create them.
D: This chart is created as part of quantitative analysis.
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie
Duration
Description
cookielawinfo-checkbox-analytics
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional
11 months
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy
11 months
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.