Which of the following correctly defines qualitative risk management?
The process of subjectively determining the impact of an event that affects a project, program, or business.
Which of the following correctly defines risk?
The possibility of suffering harm or loss.
Single loss expectancy (SLE) can best be defined by which of the following equations?
SLE = asset value * exposure factor
Which of the following correctly defines annualized rate of occurrence?
On an annualized basis, the frequency with which an event is expected to occur
Which of the following is a technology risk?
Business continuity management
The Basel Committee defines operational risk as which of the following?
Risk from disruption by people, systems, processes, or disasters
Which of the following is not an asset?
Equipment failure
The asset value of a small distribution warehouse is $5 million, and this warehouse serves as a backup facility. Its complete destruction by a disaster would take away about 1/5 of the capability of the business.
Which of the following is the calculated s
SLE = $1 million
The asset value of a small distribution warehouse is $5 million, and this warehouse serves as a backup facility. Its complete destruction by a disaster would take away about 1/5 of the capability of the business.
Which of the following is the calculated a
ALE = $20,000
When discussing qualitative risk assessment versus quantitative risk assessment, which of the following is true?
It is impossible to conduct a purely quantitative risk assessment, but it is possible to conduct a purely qualitative risk assessment.
Which of the following correctly defines residual risk?
The risks still remaining after an iteration of risk management
Which of the following is a business risk?
Environmental risk management
Which of the following statements about risk is true?
The risk itself doesn't really change. However, actions can be taken to reduce the impact of the risk.
Which of the following correctly defines a Gantt chart?
A management tool for diagramming schedules, events, and activity duration
Which of the following is not a viable option when dealing with risk?
A manager can take action to increase risk.