CRISC REVIEW EXAM LATEST VERSION 2024 WITH CORRECT DETAILED ANSWERS (VERIFIED ANSWERS) ALREADY GRADED A+
Business impact analysis/assessment (BIA) - Answer-Evaluating the criticality and
sensitivity of information assets. An exercise that determines the impact of losing the
support of any resource to an enterprise, establishes the escalation of that loss over
time, identifies the minimum resources needed to recover, and prioritizes the recovery
of processes and the supporting system. Scope Note: This process also includes
addressing: - Income loss - Unexpected expense - Legal issues (regulatory compliance
or contractual) - Interdependent processes - Loss of public reputation or public
confidence
Business objective - Answer-A further development of the business goals into tactical
targets and desired results and outcomes
Business process owner - Answer-The individual responsible for identifying process
requirements, approving process design and managing process performance. Scope
Note: Must be at an appropriately high level in the enterprise and have authority to
commit resources to process-specific risk management activities
Business risk - Answer-A probable situation with uncertain frequency and magnitude of
loss (or gain)
Capability - Answer-An aptitude, competency or resource that an enterprise may
possess or require at an enterprise, business function or individual level that has the
potential, or is required, to contribute to a business outcome and to create value
Capability Maturity Model (CMM) - Answer-1. Contains the essential elements of
effective processes for one or more disciplines. It also describes an evolutionary
improvement path from ad hoc, immature processes to disciplined, mature processes
with improved quality and effectiveness. 2. CMM for software, from the Software
Engineering Institute (SEI), is a model used by many enterprises to identify best
practices useful in helping them assess and increase the maturity of their software
development processes. Scope Note: CMM ranks software development enterprises
according to a hierarchy of five process maturity levels. Each level ranks the
development environment according to its capability of producing quality software. A set
of standards is associated with each of the five levels. The standards for level one
describe the most immature or chaotic processes and the standards for level five
describe the most mature or quality processes. A maturity model that indicates the
degree of reliability or dependency the business can place on a process achieving the
desired goals or objectives. A collection of instructions that an enterprise can follow to
gain better control over its software development process.
Compensating control - Answer-An internal control that reduces the risk of an existing
or potential control weakness resulting in errors and omissions
Computer emergency response team (CERT) - Answer-A group of people integrated at
the enterprise with clear lines of reporting and responsibilities for standby support in
case of an information systems emergency. This group will act as an efficient corrective
control, and should also act as a single point of contact for all incidents and issues
related to information systems.
Confidentiality - Answer-Preserving authorized restrictions on access and disclosure,
including means for protecting privacy and proprietary information
Control risk self-assessment - Answer-A method/process by which management and
staff of all levels collectively identify and evaluate risk and controls with their business
areas. This may be under the guidance of a facilitator such as an auditor or risk
manager.
Data custodian - Answer-The individual(s) and department(s) responsible for the
storage and safeguarding of computerized data
Data owner - Answer-The individual(s), normally a manager or director, who has
responsibility for the integrity, accurate reporting and use of computerized data
Detective control - Answer-Exists to detect and report when errors, omissions and
unauthorized uses or entries occur
Disaster recovery plan (DRP) - Answer-A set of human, physical, technical and
procedural resources to recover, within a defined time and cost, an activity interrupted
by an emergency or disaster
Enterprise risk management (ERM) - Answer-The discipline by which an enterprise in
any industry assesses, controls, exploits, finances and monitors risk from all sources for
the purpose of increasing the enterprise's short- and long-term value to its stakeholders
Enterprise Resource Planning (ERP) - Answer-A packaged business software system that
allows an enterprise to automate and integrate the majority of its business processes,
share common data and practices across the entire enterprise, and produce and access
information in a real-time environment. Scope Note: Examples of ERP include SAP,
Oracle Financials and J.D. Edwards.
Event - Answer-Something that happens at a specific place and/or time
Who am I buying this summary from?
Stuvia is a marketplace, so you are not buying this document from us but from the seller Perfectscorer. Stuvia facilitates the payment to the seller.