Question 14
2 out of 2 points
Of the six specific business risks, the ___________________ risk results from negative publicity regarding an organization’s practices. Litigation and a decline in revenue are possible outcomes of this type of risk.

Question 15
0 out of 2 points
Which of the following is not one of the similarities shared by an enterprise risk management (ERM) framework and a governance, risk management, and compliance (GRC) framework?

Question 16
0 out of 2 points
An illustration of ________________ would be an organization installing malware software on the network and endpoint, monitoring for suspicious traffic, and responding as needed.

Question 17
2 out of 2 points
Also known as the Federal Information Processing Standards (FIPS), the _______________ framework is a shared set of security standards required by the Federal Information Security Management Act (FISMA).

Question 18
0 out of 2 points
_______________ is an international governance and controls framework and a widely accepted standard for governing, assessing, and managing IT security and risks.

Question 19
0 out of 2 points
Assume that the governance committee states that all projects costing more than $70,000 must be reviewed and approved by the chief information officer and the IT senior leadership team (SLT). At this point, the CIO has the responsibility to ensure that management processes observe the governance rules. For example, the project team might present the proposed project in an SLT meeting for a vote of approval. What does this scenario illustrate about organizational structure?

Question 20
2 out of 2 points
Policies and standards are a collection of concrete definitions that describe acceptable and unacceptable human behavior. The questions related to _______________ are more appropriate for procedures or guidelines than policies or standards, which require detail that is more at the level of ________________.