What this objective tests
CRISC IT Risk Assessment — Key Topics
Risk management questions test risk identification, qualitative vs quantitative analysis, risk response strategies (avoid, transfer, mitigate, accept), and risk registers.
- Risk identification techniques: brainstorming, SWOT, Delphi technique, and historical data review.
- Qualitative analysis: probability-impact matrix, risk categorisation, and urgency assessment.
- Quantitative analysis: EMV (Expected Monetary Value), Monte Carlo simulation, and sensitivity analysis.
- Risk response strategies and when each is appropriate based on impact and probability.