Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.

Exam CRISC topic 1 question 847 discussion

Actual exam question from Isaca's CRISC
Question #: 847
Topic #: 1
[All CRISC Questions]

The MAIN goal of the risk analysis process is to determine the:

  • A. potential severity of impact.
  • B. control deficiencies.
  • C. frequency and magnitude of loss.
  • D. threats and vulnerabilities.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Calvinc
Highly Voted 3 years, 6 months ago
The answer should be C.
upvoted 8 times
...
Staanlee
Most Recent 6 months, 2 weeks ago
Selected Answer: C
C. frequency and magnitude of loss. The main goal of the risk analysis process is to determine the frequency and magnitude of potential loss events. This involves assessing the likelihood (frequency) of specific risks occurring and the potential impact (magnitude) they could have on the organization. Risk analysis considers various factors, including threats, vulnerabilities, and existing controls, to evaluate the overall risk exposure and prioritize risk management efforts. This analysis helps organizations make informed decisions about how to manage and mitigate their risks effectively.
upvoted 1 times
...
CbtL
11 months, 2 weeks ago
Selected Answer: C
It is C.
upvoted 1 times
...
jseeker
1 year ago
Selected Answer: C
Risk analysis according to ISACA, includes assessment of consequences, assessment of incident likelihoods, determination of level of risk; risk identification includes the identification of assets, threats, vulnerabilities, existing controls and consequences (page 53, CRISC review manual, 7th edition)
upvoted 2 times
...
john_boogieman
1 year, 2 months ago
Selected Answer: C
Risk analysis main objective is the modeling of various threats againts assets estimating probability of a loss event and impact. Threats and vulnerabilities are identified in the 'identification' phase.
upvoted 2 times
...
Suchib
1 year, 3 months ago
Its C, nothing else.The purpose of Analysis is to get the impact and probability of risk.
upvoted 2 times
...
Ceecil1959
2 years ago
D is correct. Risk Assessment -> Identify the Risk, then Analyze the risk - Threats and vulnerabilities, and evaluate the risk.
upvoted 1 times
tsangckl
2 years ago
It is risk analysis, after Risk identification. Not D, C is correct.
upvoted 3 times
...
Ceecil1959
1 year, 11 months ago
I stand corrected. C is correct as it is analysis.
upvoted 2 times
...
...
AllaAlla
2 years ago
C is correct via crisc manual Risk analysis— 1. A process by which frequency and magnitude of IT risk scenarios are estimated. 2. The initial steps of risk management: analyzing the value of assets to the business, identifying threats to those assets and evaluating how vulnerable each asset is to those threats
upvoted 2 times
Ceecil1959
2 years ago
The question was the MAIN goal. And C is definitely not the main goal.
upvoted 1 times
...
...
Raj1510
2 years, 2 months ago
support C
upvoted 2 times
...
Rajaji
2 years, 8 months ago
D is correct - CRISC Manual Page 27 - Task statement T1.2 says - Identify potential threats and vulnerabilities to the organization’s people, processes and technology to enable IT risk analysis.
upvoted 3 times
CbtL
11 months, 2 weeks ago
That's risk identification, not analysis. Identification helps analysis.
upvoted 1 times
...
...
CL888
3 years, 7 months ago
Risk analysis determines likelihood, impact, and the risk level. Risk identification identifies threats and vulnerabilities.
upvoted 3 times
Rooks
3 years, 6 months ago
Impact is determined via risk assessment that comes after the analysis. Answer D is correct.
upvoted 3 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...