EMT Practice Test
1. Question Content...
Question7: Which of the following would require updates to an organization's IT risk register?
Question12: Prudent business practice requires that risk appetite not exceed:
Question36: Which of the following can be used to assign a monetary value to risk?
Question39: Which of the following is MOST important when discussing risk within an organization?
Question42: An upward trend in which of the following metrics should be of MOST concern?
Question45: Controls should be defined during the design phase of system development because:
Question50: Which of the following would prompt changes in key risk indicator {KRI) thresholds?
Question55: Which of the following is MOST useful when communicating risk to management?
Question56: Which of the following is the BEST way to support communication of emerging risk?
Question57: Which of the following is performed after a risk assessment is completed?
Question64: When prioritizing risk response, management should FIRST:
Question66: The PRIMARY reason for periodically monitoring key risk indicators (KRIs) is to:
Question71: Which of the following conditions presents the GREATEST risk to an application?
Question73: Which of the following BEST enables the identification of trends in risk levels?
Question74: A risk practitioner has just learned about new done FIRST?
Question77: Which of the following is the MOST important benefit of key risk indicators (KRIs)'
Question82: Which of the following approaches would BEST help to identify relevant risk scenarios?
Question85: To help identify high-risk situations, an organization should:
Question91: When evaluating enterprise IT risk management it is MOST important to:
Question98: An effective control environment is BEST indicated by controls that:
Question100: The MAIN purpose of a risk register is to:
Question102: Which of the following should be considered when selecting a risk response?
Question105: Which of the following is the BEST way to identify changes to the risk landscape?
Question106: Which of the following attributes of a key risk indicator (KRI) is MOST important?
Question108: Which of the following will BEST help in communicating strategic risk priorities?
Question109: Which of the following is the MOST important input when developing risk scenarios?
Question110: The BEST way to test the operational effectiveness of a data backup procedure is to:
Question122: Who is the MOST appropriate owner for newly identified IT risk?
Question123: What is the PRIMARY reason to periodically review key performance indicators (KPIs)?
Question126: The PRIMARY purpose of a maturity model is to compare the:
Question127: The MOST essential content to include in an IT risk awareness program is how to:
Question129: The risk associated with a high-risk vulnerability in an application is owned by the:
Question130: The PRIMARY benefit of classifying information assets is that it helps to:
Question142: Whose risk tolerance matters MOST when making a risk decision?
Question145: The PRIMARY purpose of IT control status reporting is to:
Question146: The BEST criteria when selecting a risk response is the:
Question150: Calculation of the recovery time objective (RTO) is necessary to determine the:
Question151: Which of the following would be considered a vulnerability?
Question153: Mapping open risk issues to an enterprise risk heat map BEST facilitates:
Question159: Which of the following BEST indicates the condition of a risk management program?
Question164: The GREATEST concern when maintaining a risk register is that:
Question167: The MAIN reason for creating and maintaining a risk register is to:
Question170: IT risk assessments can BEST be used by management:
Question178: Which of the following should be the HIGHEST priority when developing a risk response?
Question185: Which of the following is the BEST course of action to reduce risk impact?
Question186: Which of the following would BEST ensure that identified risk scenarios are addressed?
Question193: Which of the following is MOST helpful in aligning IT risk with business objectives?
Question195: Which of the following should be an element of the risk appetite of an organization?
Question196: Which of the following is the BEST indication of a mature organizational risk culture?
Question211: Which of the following is a KEY outcome of risk ownership?
Question213: Which of the following would be MOST beneficial as a key risk indicator (KRI)?
Question216: Accountability for a particular risk is BEST represented in a:
Question225: Which of the following activities is PRIMARILY the responsibility of senior management?

