1. Right Answer: A
Explanation: Information about the propriety of cutoff is a kind of direct information.Incorrect Answers:B: Reports that show orders that were rejected for credit limitations provide indirect information that credit checking aspects of the system are working as intended.C: Reports that provide information about any unusual deviations and individual product margins (whereby, the price of an item sold is compared to its standard cost) provide indirect information that controls over billing and pricing are operating.D: The lack of any significant differences between perpetual levels and actual levels provides indirect information that its billing controls are operating.

2. Right Answer: A
Explanation: A salience model defines and charts stakeholders' power, urgency, and legitimacy in the project.The salience model is a technique for categorizing stakeholders according to their importance. The various difficulties faced by the project managers are as follows: How to choose the right stakeholders? How to prioritize competing claims of the stakeholders communication needs?Stakeholder salience is determined by the evaluation of their power, legitimacy and urgency in the organization. Power is defined as the ability of the stakeholder to impose their will. Urgency is the need for immediate action. Legitimacy shows the stakeholders participation is appropriate or not.The model allows the project manager to decide the relative salience of a particular stakeholder.Incorrect Answers:B: This defines the power/interest grid.C: This defines an influence/impact grid.D: This defines a power/influence grid.

3. Right Answer: A
Explanation: Asset identification is the most crucial and first step in the risk assessment process. Risk identification, assessment and evaluation (analysis) should always be clearly aligned to assets. Assets can be people, processes, infrastructure, information or applications.

4. Right Answer: A
Explanation: Risk indicators are metrics used to indicate risk thresholds, i.e., it gives indication when a risk level is approaching a high or unacceptable level of risk. The main objective of a risk indicator is to ensure tracking and reporting mechanisms that alert staff about the potential risks.Incorrect Answers:B, D: Estimation of risk's consequence and priority for awareness is conducted by using probability and impact matrix. These matrices specify the mixture of probability and impact that directs to rating the risks as low, moderate, or high priority.C: A risk scenario is a description of an event that can lay an impact on business, when and if it would occur.Some examples of risk scenario are of: Having a major hardware failure Failed disaster recovery planning (DRP) Major software failure

5. Right Answer: A,D
Explanation: Risk appetite is the amount of risk a company or other entity is willing to accept in pursuit of its mission. This is the responsibility of the board to decide risk appetite of an enterprise. When considering the risk appetite levels for the enterprise, the following two major factors should be taken into account:The enterprise's objective capacity to absorb loss, e.g., financial loss, reputation damage, etc.The culture towards risk taking-cautious or aggressive. In other words, the amount of loss the enterprise wants to accept in pursue of its objective fulfillment.Incorrect Answers:B: Alignment with risk-culture is also one of the factors but is not as important as these two.C: Risk aware decision is not the factor, but is the result which uses risk appetite information as its input.