Answered You can hire a professional tutor to get the answer.
Which of the following statements is true regarding aligning risks?
Which of the following statements is true regarding aligning risks?
a.Organizations should not attempt to align risks, threats, and vulnerabilities to risk management controls.b.The worlds of business and IT inherently align.
c.There is currently no framework available for aligning risks, threats, and vulnerabilities to risk management controls.
d.Conveying IT risks in terms of business risks and translating business goals into IT goals can be challenging.
Which of the following statements is true regarding the latest version of COBIT?
a.The latest release uses of a set of control objectives for the first time.b.The latest release is virtually identical to the previous release.
c.The latest release shifts to a set of principles and enablers.
d.The latest release is not as effective or supported as the previous release.
The purpose of COBIT P09 is to:
a.guide the scope of risk management for an IT infrastructure.
b.decrease the likelihood of infrastructure attacks.
c.define the roles and responsibilities for IT department employees.
d.organize the hierarchy of the organization.
ISACA is an IT professionals' association centered on:
a.maintaining IT compliance.
b.developing IT standards.
c.auditing and IT governance.
d.securing federal government systems.
Which of the following statements is true regarding the ISACA organization?
a.It offered certification programs at one time, but has recently dropped the certifications related to risk and IT governance.
b.It is often confused with, but is unrelated to, the organization that developed the COBIT framework.
c.It serves only the U.S. and has been in existence for less than 10 years.
d.It defines the roles of information systems governance, security, auditing, and assurance professionals worldwide.
The ISACA organization is known today simply by the name ISACA to better serve its wider audience, but ISACA was previously an acronym expanding to:
a.Information Security Alliance and Certification Association.b.IT Security and Control Administration.
c.Information Systems Audit and Control Association.
d.Identify, Secure, Audit, Contain, and Assess.
Which of the following statements is true regarding COBIT 5?
a.It includes a product family of "enabler guides" and "practice guides."b.It does not distinguish between governance and managementc.It is inherently the same as COBIT 4.
d.It has dropped the focus on business-centric concepts and definitions.
COBIT was originally an acronym, but the framework is now referred to simply as COBIT in part because the concept of __________ ends with COBIT version 4.1.
a.control objectives
b.enabling IT
c.aligning risks
d.risk management
Which of the COBIT P09 control objectives suggests identifying a threat that negatively impacts the goals or operations of the enterprise, including business, regulatory, legal, technology, trading partner, human resources, and operational aspects?
a.Establishment of Risk Context
b.Event Identification
c.Risk Assessment
d.IT Risk Management Framework
A consistent approach for IT risk management, effective management of IT risks, continuous evaluation of current IT risks and threats to the organization, and a broadened IT risk management approach are all considered __________ of the IT Risk Management Framework.
a.risk drivers
b.risk factors
c.value drivers
d.risk management factors