CRISC REVIEW EXAM LATEST VERSION 2024 WITH CORRECT DETAILED ANSWERS (VERIFIED ANSWERS) ALREADY GRADED A+
Business impact analysis/assessment (BIA) - Answer-Evaluating the criticality and
sensitivity of information assets. An exercise that determines the impact of losing the
support of any resource to an enterprise, establishes the escalation of that loss over
time, identifies the minimum resources needed to recover, and prioritizes the recovery
of processes and the supporting system. Scope Note: This process also includes
addressing: - Income loss - Unexpected expense - Legal issues (regulatory compliance
or contractual) - Interdependent processes - Loss of public reputation or public
confidence
Business objective - Answer-A further development of the business goals into tactical
targets and desired results and outcomes
Business process owner - Answer-The individual responsible for identifying process
requirements, approving process design and managing process performance. Scope
Note: Must be at an appropriately high level in the enterprise and have authority to
commit resources to process-specific risk management activities
Business risk - Answer-A probable situation with uncertain frequency and magnitude of
loss (or gain)
Capability - Answer-An aptitude, competency or resource that an enterprise may
possess or require at an enterprise, business function or individual level that has the
potential, or is required, to contribute to a business outcome and to create value
Capability Maturity Model (CMM) - Answer-1. Contains the essential elements of
effective processes for one or more disciplines. It also describes an evolutionary
improvement path from ad hoc, immature processes to disciplined, mature processes
with improved quality and effectiveness. 2. CMM for software, from the Software
Engineering Institute (SEI), is a model used by many enterprises to identify best
practices useful in helping them assess and increase the maturity of their software
development processes. Scope Note: CMM ranks software development enterprises
according to a hierarchy of five process maturity levels. Each level ranks the
development environment according to its capability of producing quality software. A set
of standards is associated with each of the five levels. The standards for level one
describe the most immature or chaotic processes and the standards for level five
describe the most mature or quality processes. A maturity model that indicates the
degree of reliability or dependency the business can place on a process achieving the
desired goals or objectives. A collection of instructions that an enterprise can follow to
gain better control over its software development process.
Compensating control - Answer-An internal control that reduces the risk of an existing or
potential control weakness resulting in errors and omissions
Computer emergency response team (CERT) - Answer-A group of people integrated at
the enterprise with clear lines of reporting and responsibilities for standby support in
case of an information systems emergency. This group will act as an efficient corrective
control, and should also act as a single point of contact for all incidents and issues
related to information systems.
Confidentiality - Answer-Preserving authorized restrictions on access and disclosure,
including means for protecting privacy and proprietary information
Control risk self-assessment - Answer-A method/process by which management and
staff of all levels collectively identify and evaluate risk and controls with their business
areas. This may be under the guidance of a facilitator such as an auditor or risk
manager.
Data custodian - Answer-The individual(s) and department(s) responsible for the
storage and safeguarding of computerized data
Data owner - Answer-The individual(s), normally a manager or director, who has
responsibility for the integrity, accurate reporting and use of computerized data
Detective control - Answer-Exists to detect and report when errors, omissions and
unauthorized uses or entries occur
Disaster recovery plan (DRP) - Answer-A set of human, physical, technical and
procedural resources to recover, within a defined time and cost, an activity interrupted
by an emergency or disaster
Enterprise risk management (ERM) - Answer-The discipline by which an enterprise in
any industry assesses, controls, exploits, finances and monitors risk from all sources for
the purpose of increasing the enterprise's short- and long-term value to its stakeholders
Enterprise Resource Planning (ERP) - Answer-A packaged business software system that
allows an enterprise to automate and integrate the majority of its business processes,
share common data and practices across the entire enterprise, and produce and access
information in a real-time environment. Scope Note: Examples of ERP include SAP,
Oracle Financials and J.D. Edwards.
Event - Answer-Something that happens at a specific place and/or time