Package deal
CRISC PACKAGE DEAL
CRISC PACKAGE DEAL QUESTIONS AND ANSWERS
FMEA - failure modes effects analysis

BPM - business process modeling

SPC - statistical process control

cusum - cumulative summary. each value is added for a cumulative total.

EL - expected loss

BCP - business continuity planning

CSF - cri...
What is the difference between a standard and a policy? - Standard = A mandatory action, explicit rules, controls or configuration settings that are designed to support and conform to a policy. A standard should make a policy more meaningful and effective by including accepted specifications f...
Which of the following is the MOST important reason for conducting security awareness programs throughout an enterprise?
A. Reducing the risk of a social engineering attack 
B. Training personnel in security incident response 
C. Informing business units about the security strategy 
D. Maintaining...
R1-1 Which of the following is MOST important to determine when defining risk management strategies? 
A. Risk assessment criteria 
B. IT architecture complexity 
C. An enterprise disaster recovery plan 
D. Business objectives and operations - D is the correct answer.
Justification: 
A. Inform...
CRISC Scope - Focuses on risk assessment, treatment, and monitoring. These are methods, processes and protocols used and governed within a larger enterprise risk mgmt. framework.

What does CRISC not address? - CRISC does not address what's detailed in ISO31000 on how to create a ris...
How many steps in NIST RMF? - 6

Name steps of the NIST RMF -
1) Categorize Info Systems
2) Select Security Controls
3) Implement Security Controls
4) Assess Security Controls
5) Authorize Info Systems
6) Monitor Security Controls

What are the layers of COBIT? - Governanc...
An enterprise recently developed a breakthrough technology that could provide a significant competitive edge. Which of the following FIRST governs how this information is to be protected from within the enterprise? 
 
A. The data classification policy 
B. The acceptable use policy 
C. Encryption sta...
risk assessment report - documentation of results of the process used to identify and evaluate risk and its potential effects. naming those areas that present the highest risk, vulnerability or exposure, also used to manage the project delivery and project benefit risk.
 
how does an organizat...
Stuvia is a marketplace, so you are not buying this document from us, but from seller jackline98. Stuvia facilitates payment to the seller.