ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CRISC All Questions

View all questions & answers for the CRISC exam
Go to Exam

Exam CRISC topic 1 question 227 discussion

Actual exam question from Isaca's CRISC
Question #: 227
Topic #: 1
[All CRISC Questions]

Shawn is the project manager of the HWT project. In this project Shawn's team reports that they have found a way to complete the project work cheaply than what was originally estimated earlier. The project team presents a new software that will help to automate the project work. While the software and the associated training costs $25,000 it will save the project nearly $65,000 in total costs. Shawn agrees to the software and changes the project management plan accordingly.
What type of risk response had been used by him?

  • A. Avoiding
  • B. Accepting
  • C. Exploiting
  • D. Enhancing
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
A risk event is being exploited so as to identify the opportunities for positive impacts. Exploit response is one of the strategies to negate risks or threats that appear in a project. This strategy may be selected for risks with positive impacts where the organization wishes to ensure that the opportunity is realized. Exploiting a risk event provides opportunities for positive impact on a project. Assigning more talented resources to the project to reduce the time to completion is an example of exploit response.
Incorrect Answers:
A: To avoid a risk means to evade it altogether, eliminate the cause of the risk event, or change the project plan to protect the project objectives from the risk event.
B: Accepting is a risk response that is appropriate for positive or negative risk events. It does not pursue the risk, but documents the event and allows the risk to happen. Often acceptance is used for low probability and low impact risk events.
D: Enhancing is a positive risk response that aims to increase the probability and/or impact of the risk event.
by YWLow at March 7, 2020, 3:43 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
SuperMax
9 months, 1 week ago
Selected Answer: C
C. Exploiting. Exploiting is a risk response strategy where the project manager takes advantage of an opportunity to maximize the positive impact on the project's objectives. In this case, Shawn identified an opportunity to complete the project more cost-effectively by implementing new software and training, which would save the project nearly $65,000. By agreeing to the software and changing the project management plan accordingly, he is exploiting this opportunity to enhance the project's outcomes.
upvoted 1 times
...
Stefan07
3 years, 2 months ago
I think the main difference is "assurance", In Enhance, there is no assurance that the event will occur while in Exploit there is assurance that the event will happen as the risk manager will do everything to make sure it happen.
upvoted 1 times
...
ow
4 years, 1 month ago
This is from ProjectCubicle.com... Enhance and Exploit are two positive risk response strategies. The main difference between them is; in the enhance strategy you are trying to increase the probability of the opportunity happening but in the exploit strategy you increase the probability of the opportunity to 100%.
upvoted 4 times
...
YWLow
4 years, 4 months ago
There's no clear difference between Enhancing and Exploiting. The whole point of "enhancing" is to have the positive benefit at the end.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel