Free GAQM ISO-27005-LRM Exam Questions

Become GAQM Certified with updated ISO-27005-LRM exam questions and correct answers

Page: 1 / 160

Total 796 Questions | Updated On: Jun 03, 2025

Add To Cart

Question 1

A government agency is implementing a risk management program. What factor should be emphasized in the risk management method to align with public sector requirements?

A : Emphasizing only the risks related to the agency's internal IT systems, ignoring external factors.

B : Focusing solely on risks that have a direct financial impact and ignoring other types of risks.

C : Adopting a method that is exclusively used in the private sector without any adaptation.

D : Prioritizing the protection of public data and continuity of government services in the risk management method.

Answer: D

Question 2

A company is undergoing a major IT infrastructure upgrade, and the risk manager needs to communicate the associated security risks to a diverse group of stakeholders, including technical staff, senior management, and non-technical employees. What is the most effective communication approach to ensure all stakeholders understand the risks and their implications?

A : Provide a general overview of risks without delving into specific details.

B : Prepare different versions of the communication tailored to each group's level of understanding.

C : Use highly technical language to convey the complexity of the risks.

D : Focus the communication solely on the most severe risks.

Answer: B

Question 3

A company is reviewing its information security management system (ISMS) to ensure it aligns with the best practices for establishing, implementing, maintaining, and continually improving information security. Which ISO/IEC 27000 family standard primarily guides the structure and implementation of an ISMS?

A : ISO/IEC 27017

B : ISO/IEC 27005

C : ISO/IEC 27001

D : ISO/IEC 27002

Answer: C

Question 4

A university is upgrading its learning management system (LMS), which contains student information and academic records. Who should be designated as the risk owner for the LMS upgrade project, and what would be their primary task?

A : The registrar, responsible for maintaining academic records.

B : The data protection officer (DPO), responsible for student data privacy.

C : The IT director, responsible for the technical aspects of the upgrade.

D : The Chief Information Officer (CIO), responsible for the overall IT strategy.

Answer: D

Question 5

A financial services firm is implementing a risk assessment program for its digital banking services. What factor is important to consider when selecting a risk assessment methodology?

A : Using an outdated risk assessment methodology that does not consider current digital banking trends and threats.

B : Selecting a methodology that disregards the specific risks associated with digital banking.

C : Focusing only on quantitative analysis and disregarding the qualitative aspects of risk.

D : Choosing a methodology that aligns with the firm's digital banking services and regulatory compliance requirements.

Answer: D

Page: 1 / 160

Total 796 Questions | Updated On: Jun 03, 2025

Add To Cart