CRISC—Certified in Risk and Information Systems Control Certification Questions and Answers - Part 33

Mary Smith

Thu, 16 Apr 2026

1. You are the project manager of the NNN Project. Stakeholders in the two-year project have asked you to send them status reports via email every week. You have agreed and send reports every Thursday. After six months of the project, the stakeholders are pleased with the project's progress and would like you to reduce the status reports to every two weeks. What process will examine the change to this project process and implement it in the project?

A) Configuration management
B) Communications management
C) Perform integrated change control process
D) Project change control process



2. You are the project manager of your enterprise. You have identified several risks. Which of the following responses to risk is considered the MOST appropriate?

A) Any of the above
B) Insuring
C) Avoiding
D) Accepting



3. John is the project manager of the HGH Project for his company. He and his project team have agreed that if the vendor is late by more than ten days they will cancel the order and hire the NBG Company to fulfill the order. The NBG Company can guarantee orders within three days, but its products are significantly more expensive than the current vendor's. What type of response does John adopt here?

A) Contingent response strategy
B) Risk avoidance
C) Risk mitigation
D) Expert judgment



4. You work as a project manager for BlueWell Inc. You are preparing for the risk identification process. You will need to involve several of the project's key stakeholders to help you identify and communicate the identified risk events. You will also need several documents to help you and the stakeholders identify the risk events. Which one of the following is NOT a document that will help you identify and communicate risks within the project?

A) Stakeholder registers
B) Activity duration estimates
C) Activity cost estimates
D) Risk register



5. You work as a project manager for TechSoft Inc. You are working with the project stakeholders on the qualitative risk analysis process in your project. You have used all the tools of the qualitative risk analysis process in your project. Which of the following techniques is NOT used as a tool in the qualitative risk analysis process?

A) Risk Urgency Assessment
B) Risk Reassessment
C) Risk Data Quality Assessment
D) Risk Categorization



1. Right Answer: C
Explanation: Although this appears to be a simple change, the project manager must still follow the rules of the project's change control system. Integrated change control is a way to manage the changes incurred during a project. It is a method that manages reviewing the suggestions for changes and uses tools and techniques to evaluate whether the change should be approved or rejected. Integrated change control is a primary component of the project's change control system that examines the effect of a proposed change on the entire project.
Incorrect Answers:
A: Configuration management is the documentation and control of the product's features and functions.
B: Communications management is the execution of the communications management plan.
D: The project change control process is not valid, as it is the parent of the integrated change control process, which is more accurate for this question.

2. Right Answer: A
Explanation: The appropriate response to a risk is decided by the risk itself, the company's risk attitude and appetite, and the threat and opportunity combination of the risk.
Incorrect Answers:
B, C, D: Depending on the conditions, that is, the risk itself, the company's risk attitude and appetite, and the threat and opportunity combination of the risk, any of these response options can be chosen.

3. Right Answer: A
Explanation: In this case John and his teammates have pre-planned the alternative in case the vendor is late with the order. Therefore, it is a contingent response strategy. Contingent response strategy, also known as contingency planning, involves adopting alternatives to deal with the risks in case of their occurrence. Unlike mitigation planning, in which mitigation looks to reduce the probability of the risk and its impact, contingency planning doesn't necessarily attempt to reduce the probability of a risk event or its impacts. Contingency comes into action when the risk event actually occurs.
Incorrect Answers:
B: Risk avoidance is the method which involves creating solutions that ensure a specific risk is not realized.
C: Risk mitigation attempts to eliminate or significantly decrease the level of risk present. Here no alternatives are pre-planned.
D: Expert judgment is utilized in developing risk responses, including feedback and guidance from risk management experts and those internal to the project qualified to provide assistance in this process.

4. Right Answer: D
Explanation: The risk register is not an input to risk identification; it is an output of risk identification.
Incorrect Answers:
A, B, C: These are inputs to risk identification.
Identify Risks is the process of determining which risks may affect the project. It also documents the risks' characteristics. The Identify Risks process is part of the Project Risk Management knowledge area. As new risks may evolve or become known as the project progresses through its life cycle, Identify Risks is an iterative process. The process should involve the project team so that they can develop and maintain a sense of ownership and responsibility for the risks and associated risk response actions. The Risk Register is the only output of this process.

5. Right Answer: B
Explanation: You will not need the Risk Reassessment technique to perform qualitative risk analysis. It is one of the techniques used to monitor and control risks.
Incorrect Answers:
A, C, D: The tools and techniques for the Qualitative Risk Analysis process are as follows:
Risk Probability and Impact Assessment: Risk probability assessment investigates the chances of a particular risk occurring. Risk impact assessment investigates the possible effects on the project objectives such as cost, quality, schedule, or performance, including positive opportunities and negative threats.
Probability and Impact Matrix: Estimation of a risk's consequence and priority for awareness is conducted by using a look-up table or the probability and impact matrix. This matrix specifies the combinations of probability and impact that lead to rating the risks as low, moderate, or high priority.
Risk Data Quality Assessment: Investigation of the quality of risk data is a technique to calculate the degree to which the data about risks are useful for risk management.
Risk Categorization: Risks to the project can be categorized by sources of risk, the area of the project affected, and other valuable types to decide the areas of the project most exposed to the effects of uncertainty.
Risk Urgency Assessment: Risks that require near-term responses are considered more urgent to address.
Expert Judgment: It is required to categorize the probability and impact of each risk to determine its location in the matrix.
