Multiple Choice
In the NIST 800-39 framework, risk response
A) Addresses how organizations respond to risks
B) Identifies and aggregates the risks facing the organization
C) Describes the environment in which risk-based decisions are made
D) Evaluates the effectiveness of the organization's risk-management plan
Correct Answer:
Verified
Correct Answer:
Verified
Q13: IT general controls are controls that<br>A) Only
Q14: The NIST risk-management framework is specified in
Q15: Internal controls over financial reporting involve all
Q16: Risk is<br>A) A quantified measure of the
Q17: The PCAOB created by the Sarbanes-Oxley act
Q19: The Sarbanes-Oxley act applies to<br>A) Internal control
Q20: Section 302 of the Sarbanes-Oxley act of
Q21: The motivation for the passage of the
Q22: The NIST risk management framework includes<br>A) Profits,
Q23: Risk is quantified by taking the product