Organizations are expected to abide by any laws that apply to them. What is
this commonly called?
a accountability
b legal binding
c compliance
d regulatory compensation
What entity is given the authority to create US regulations based on
implementing laws enacted by US Congress?
a American National Standards Institute
b Control Objectives for Information and related Technology (COBIT)
c National Institute of Standards and Technology (NIST)
d Regulatory agencies
Which element does not constitute an audit finding?
a criteria
b circumstance
c summary
d impact
Consider the following statements:
I. Aligning risk appetite and strategy: Helps manage the uncertainty with
consideration of the goals of the organization.
II. Enhancing risk response decisions: Improves the ability to make better
decisions about how to manage risk.
III. Reducing operational surprises and losses: Enhances the organization's ability
to identify potential events or threats and react appropriately.
The above are all key components of:
a CAG
b ERM
c GAPP
d NCP
What is risk arrogance?
a After performing a risk assessment, doing nothing and managing the
consequences of a risk if one is realized
b Seeking alternatives or not participating in the risky activity
c Transferring the risk to other parties
d Not adequately planning for or assessing risk
An unauthorized user has gained access to data and viewed it. What has
been lost?
a confidentiality
b availability
c integrity
d nonrepudiation
Which of the following is the definition of compensating controls?
a The detailed recording, management, and updating regarding the details of an
information system.
b An analysis of threats and vulnerabilities against assets
c Determining the existence of relevant and appropriate security policies and
procedures.
d Alternative countermeasures to minimize risk.
Which of the following is the definition of objectives?
a A documented conclusion that highlights deficiencies, abuse, fraud or other
questionable acts
b Actions or changes put in place to reduce a weakness or potential loss.
c A set of goals. Used as part of an assessment to determine what needs to be
accomplished to validate a control.
d An independent assessment that takes a well-defined approach to examining
an organization's internal policies, controls, and activities.
Which of the following is the definition of risk assessment?
a Alternative countermeasures to minimize risk
b An analysis of threats and vulnerabilities against assets.
c An act of manipulating people into divulging information.
d A comparison between the actual and desired outcome.
The general business goals provided by COBIT include goals across four
perspectives.
One of these four perspectives is:
a confidentiality
b acquire and implement
c learning and growth
d infrastructure