Free Isaca IT-Risk-Fundamentals Exam Questions

Become Isaca Certified with updated IT-Risk-Fundamentals exam questions and correct answers

Page: 1 / 68

Total 336 Questions | Updated On: Nov 12, 2025

Add To Cart

Question 1

Which of the following should be found in an I&T asset inventory to help inform the risk identification process?

A : Loss scenario information for assets

B : Security classification of assets

C : Regulatory requirements of assets

Answer: B

Question 2

Potential losses resulting from employee errors and system failures are examples of:

A : operational risk.

B : market risk.

C : strategic risk.

Answer: A

Question 3

Which of the following is MOST important when defining an organization's risk scope?

A : Understanding the impacts of the risk environment to the organization

B : Developing a top-down approach to risk management

C : Developing requirements for risk reporting to executive management

Answer: A

Question 4

Which of the following presents the GREATEST risk for the continued existence of an enterprise?

A : When its risk appetite and tolerance are reviewed annually

B : When its actual risk eventually exceeds organizational risk appetite

C : When its risk appetite and actual risk exceed its risk capacity

Answer: C

Question 5

A bottom-up approach to developing I&T risk-related risk scenarios:

A : is a generic method that allows anyone in the organization to develop risk scenarios.

B : is based on hypothetical situations envisioned by people performing specific I&T functions.

C : should not be used in conjunction with other approaches to evaluate I&T related events.

Answer: B

Page: 1 / 68

Total 336 Questions | Updated On: Nov 12, 2025

Add To Cart