Free Isaca IT-Risk-Fundamentals Exam Questions

Become Isaca Certified with updated IT-Risk-Fundamentals exam questions and correct answers

Page: 1 / 68

Total 336 Questions | Updated On: Feb 18, 2026

Add To Cart

Question 1

A bottom-up approach to developing I&T risk-related risk scenarios:

A : is a generic method that allows anyone in the organization to develop risk scenarios.

B : is based on hypothetical situations envisioned by people performing specific I&T functions.

C : should not be used in conjunction with other approaches to evaluate I&T related events.

Answer: B

Question 2

Which of the following is MOST important when defining an organization's risk scope?

A : Understanding the impacts of the risk environment to the organization

B : Developing a top-down approach to risk management

C : Developing requirements for risk reporting to executive management

Answer: A

Question 3

Which of the following should be found in an I&T asset inventory to help inform the risk identification process?

A : Loss scenario information for assets

B : Security classification of assets

C : Regulatory requirements of assets

Answer: B

Question 4

Publishing l&T risk-related policies and procedures BEST enables an enterprise to:

A : set the overall expectations for risk management.

B : hold management accountable for risk loss events.

C : ensure regulatory compliance and adherence to risk standards.

Answer: A

Question 5

A bottom-up approach to developing I&T risk-related risk scenarios:

A : is a generic method that allows anyone in the organization to develop risk scenarios.

B : is based on hypothetical situations envisioned by people performing specific I&T functions.

C : should not be used in conjunction with other approaches to evaluate I&T related events.

Answer: B

Page: 1 / 68

Total 336 Questions | Updated On: Feb 18, 2026

Add To Cart