Irm Quiz - Information Risk Management

20 Questions | Total Attempts: 211
SettingsSettingsSettings
Please wait...
Create your own Quiz
Irm Quiz - Information Risk Management - Quiz

Information Risk Management (IRM) is a form of risk minimization through policies, procedures, and technology which reduce the threat of cyber attacks from vulnerabilities and bad data security and from third-parties. Wanna learn new things about the topic or revise it? Take the following quiz!

Questions and Answers
  • 1. 
    It is risk to the existence or profit of the organization and may or may not have information security significance.
    • A. 

      Strategic Risk

    • B. 

      Tactical Risk

    • C. 

      Operational Risk

  • 2. 
    It is risk to the information security program’s ability to mitigate relevant strategic risk to information.
    • A. 

      Strategic Risk

    • B. 

      Tactical Risk

    • C. 

      Operational Risk

  • 3. 
    It is concerned with the ability to implement the tactical risk-based control objectives. Such risk includes budget, timelines, and technologies.
    • A. 

      Strategic Risk

    • B. 

      Tactical Risk

    • C. 

      Operational Risk

  • 4. 
    Is providing a feedback mechanism is use for continuous process improvement, true or false?
    • A. 

      True

    • B. 

      False

  • 5. 
    Not included as Risk Management Process
    • A. 

      Set Scope

    • B. 

      Address Risk

    • C. 

      Measure Performance

    • D. 

      Quality Assurance

  • 6. 
    [Blank] are negative events that occur when a vulnerability or weakness is exploited.
  • 7. 
    Threat forecasting examines multiple information sources or sensors. Th reat sensors may include
    • A. 

      Regulatory noncompliance

    • B. 

      Technical Vulnerabilities

    • C. 

      Program Reviews

  • 8. 
    Risk assessments look at the ability of the information security program to identify and mitigate relevant strategic risk to information.
    • A. 

      Strategic Assessment

    • B. 

      Option Operational Assessment

    • C. 

      Tactical Assessment

  • 9. 
    Is Technical vulnerability assessments are an example of a specifically focused type of operational risk assessment true or false?
    • A. 

      True

    • B. 

      False

  • 10. 
    Is a risk assessment framework does not allows both organization of thought and recognition of relationships among this diverse collection of threats and vulnerabilities, true or false?
    • A. 

      True

    • B. 

      False

  • 11. 
    Three attributes of Probability
    • A. 

      Frequency

    • B. 

      Velocity

    • C. 

      Simplicity

    • D. 

      Motive

  • 12. 
    It is the impact successful execution of the event would cause the organization.
  • 13. 
    Is risk may be transferred to someone with a higher risk tolerance, for example, an insurance company, true or false?
    • A. 

      True

    • B. 

      False

  • 14. 
    Controls are controls that can weigh cost versus benefits.
    • A. 

      Out of Control

    • B. 

      Mandatory controls

    • C. 

      Discretionary controls

  • 15. 
    These are controls that must be implemented to mitigate specific risks.
    • A. 

      Out of Control

    • B. 

      Mandatory controls

    • C. 

      Discretionary controls

  • 16. 
    The treatment plan should be comprehensive and should document all necessary information about (thick at least three options)
    • A. 

      Resource requirements

    • B. 

      Performance measures

    • C. 

      Reporting and monitoring requirements

    • D. 

      Set up risk reduction

  • 17. 
    Is an important responsibility of the action plan owner is to identify requirements and procure necessary resources to implement the plan, true or false?
    • A. 

      True

    • B. 

      False

  • 18. 
    Is Program metrics typically does not measure process effectiveness true or false?
    • A. 

      True

    • B. 

      False

  • 19. 
    In Control Attributes, controls in this context may be seen to have two independent attributes, maturity and weight, true or false?
    • A. 

      True

    • B. 

      False

  • 20. 
    A process-based approach is nonrepeatable, nondefensible, and non-extensible, offering metrics to optimize efficiency and effectiveness while reducing risk to an acceptable level, true or false?
    • A. 

      True

    • B. 

      False

Related Topics
Recent Quizzes
Quiz: Risk Management Framework Questions! Quiz: Risk Management Framework Questions!
Risk Management Professional Exam Prep Risk Management Professional Exam Prep
Business Quiz: Key Principle of Risk Management Programs Business Quiz: Key Principle of Risk Management Programs
139 - Chapter 11-13 139 - Chapter 11-13
Risk Management and Level Picking - July 2017 Risk Management and Level Picking - July 2017
Corporate Compliance and Risk Management Quiz! Corporate Compliance and Risk Management Quiz!
Risk Management Quiz For Industry Professionals Risk Management Quiz For Industry Professionals
Quiz: Risk Management Planning Practice Questions Quiz: Risk Management Planning Practice Questions
insurable risk management quiz questions insurable risk management quiz questions
Featured Quizzes
BTS Quiz: Who Is Your BTS Soulmate? BTS Quiz: Who Is Your BTS Soulmate?
Diabetes Facts Quiz: MCQ Trivia! Diabetes Facts Quiz: MCQ Trivia!
What Type Of Girl Are You? Quiz What Type Of Girl Are You? Quiz
Which Anime Character Are You Most Like? Quiz Which Anime Character Are You Most Like? Quiz
Pottermore Sorting Hat Quiz Pottermore Sorting Hat Quiz
What Is The Name Of Your Soulmate? Quiz What Is The Name Of Your Soulmate? Quiz
Popular Topics
+ Show more
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.