Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Isaca Discussions

Exam CRISC topic 1 question 27 discussion

Actual exam question from Isaca's CRISC
Question #: 27
Topic #: 1
[All CRISC Questions]

David is the project manager of the HRC Project. He has identified a risk in the project, which could cause the delay in the project. David does not want this risk event to happen so he takes few actions to ensure that the risk event will not happen. These extra steps, however, cost the project an additional $10,000. What type of risk response has David adopted?

  • A. Avoidance
  • B. Mitigation
  • C. Acceptance
  • D. Transfer
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
As David is taking some operational controls to reduce the likelihood and impact of the risk, hence he is adopting risk mitigation. Risk mitigation means that actions are taken to reduce the likelihood and/or impact of risk.
Incorrect Answers:
A: Risk avoidance means that activities or conditions that give rise to risk are discontinued. But here, no such actions are taken, therefore risk in not avoided.
C: Risk acceptance means that no action is taken relative to a particular risk; loss is accepted in case it occurs. As David has taken some actions in case to defend, therefore he is not accepting risk.
D: David has not hired a vendor to manage the risk for his project; therefore he is not transferring the risk.
by catcklee at July 16, 2019, 8:16 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
hammieo
Highly Voted 4 years, 2 months ago
Because he's mitigating the potential of the even happening by spending the $10,000. If he was to "avoid" the risk, he would be avoiding the potential scenario that would arise and cause the risk. By taking action, it has to be either mitigation or transfer - and it does not outline who the risk was transferred onto - thereby, it must be mitigation.
upvoted 5 times
...
Wills3rd
Most Recent 3 months ago
I would choose 'A' rather than 'B' based on the wording of this question. Mitigation by its very definition, does not ensure a risk will not happen. It reduces the likelihood but does not guarantee the risk will not occur. The only way to ensure or guarantee a risk will not occur is to avoid the risk entirely. This does not mean the entire project is avoided, but perhaps additional money was spent for an alternative that enabled the project to proceed while avoiding the original risk.
upvoted 1 times
...
JyLuv
3 months, 1 week ago
A. Avoidance: Risk avoidance involves changing the project plan to eliminate the risk or to protect the project objectives from its impact. This typically means altering the way things are done, so the risk is no longer applicable. In this case, David has taken specific actions to ensure that the risk event will not happen, which aligns with the avoidance strategy. The additional cost of $10,000 indicates that he has likely altered or revised aspects of the project plan to completely avoid the risk
upvoted 2 times
...
Ndy
2 years, 5 months ago
Risk Mitigation (B)
upvoted 1 times
...
Parth9
3 years, 8 months ago
The answer is B since he has spent money to ensure the risk event will not happen. Risk avoidance will not be the answer as in risk avoidance you exit from doing the particular activity that gives rise to risk. Sine safeguards are implemented with a cost, ans is mitigation
upvoted 3 times
...
TTChizz
3 years, 10 months ago
ENSURE that it WILL NOT happen! That surely cant be mitigation, but avoidance. Its possible to avoid risk in a project by totally avoiding that scenario. Eg. The plan was to buy Material from an overseas supplier for $100000, but due to potential logistical issues you elect to buy from a supplier next door who can deliver instantly but charges $110000 for the exact same materials. That surely would be risk avoidance because it ENSURE that late delivery WILL NOT happen.
upvoted 2 times
CL888
3 years, 8 months ago
But it says that it "costs" an additional $10.000, in other words, he's paying for a safeguard, I don't think that risk avoidance ends up in you paying more, it may lead to not making $10.000 because the opportunity is not taken.
upvoted 4 times
...
...
theApostle
4 years, 5 months ago
my thoughts exactly
upvoted 1 times
...
catcklee
4 years, 9 months ago
Statement said David take action so that risk event will not happen. So why is the answer not risk avoidance?
upvoted 3 times
Ndy
1 year, 4 months ago
Risk avoidance means the project is NOT undertaken. The answer cant be AVOIDANCE and still spend $10000.. it has to expend that cost while MITIGATING the risk. $10k is the cost mitigation....could mean hiring additional staff, building a wall (like USA boarder--LOL)
upvoted 1 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel