GRC

Question 1

How many privacy principles make up the OECD privacy principles

Answer 1

8

Question 2

GDPR only applies to people living in Australia (true or false)

Answer 2

False

Question 3

This was developed for accountants

Answer 3

GAPP

Question 4

All of the following are privacy challenges in the modern world except :
Geolocation considerations
Complex contracts
Fragmentation of laws
Granting end users too much privacy

Answer 4

Granting end users too much privacy

Question 5

Which of the following help drive security
OECD Pivacy principles
E.U. general privacy principles
NIST privacy framework
Generally accepted privacy principles

Answer 5

Generally accepted privacy principles

Question 6

Profitability is impacted by risk oversight and asset management but not by the enterprise architecture (true or false)

Answer 6

False

Question 7

In the EA model enterprise governance is found at layer 4 (true or false)

Answer 7

False

Question 8

Which layer of the enterprise architecture reference model deals with the business units

Answer 8

Layer 2

Question 9

The first step in the TOGAF model is migration planning (true or false)

Answer 9

False

Question 10

Security is not built into the SABSA model so its important for organizations to also implement zero trust (true or false)

Answer 10

False

Question 11

What does BIA stand for?

Answer 11

Business impact Analysis

Question 12

What is the purpose of bcm

Answer 12

Focuses on the organization’s strategy for business resilience

Question 13

What are the steps of NIST SP 800-34

Answer 13

Determine mission processes and recovery criticality
Identify resource requirements
Identify recovery priorities

Question 14

What is RPO?

Answer 14

recovery point objective, represents the point and time prior to a disruption or system outage. To which business process data must be recovered after an outage

Question 15

What is an rto?

Answer 15

It defines the maximum amount of time that a system resource can remain unavailable before there is an unexceptionable impact on other systems resources, mission/business processes and mtd

Question 16

What’s an mtd?

Answer 16

Represents the total amount of time leaders/managers are willing to accept for a mission/business process outage or disruption and includes all impact considerations

Question 17

How many influential business drivers are there?

Answer 17

6

Question 18

What does CMMI STAND FOR

Answer 18

capability maturity model integration

Question 19

What are the significant compliance drivers used to manage a grc program effectively

Answer 19

Organizational, contractual, regulatory

Question 20

True or false
A code of ethics covers extreme care

Answer 20

True

Question 21

NIST SP 800-34 specifies the nine steps that are typically involved in accomplishing the business impact analysis (BIA)
TRUE OR fALSE

Answer 21

False

Question 22

How many privacy principles make up the OECD privacy principles

Answer 22

8

Question 23

True or false
In the EA model, enterprise governance is found at layer 4

Answer 23

False

Question 24

PCI-DSS has how many objectives

Answer 24

6

Question 25

True or false
Profitability is impacted by risk oversight and asset management, but not by the enterprise architecture

Answer 25

False

Question 26

True or false
GDRP only applies to people living in Australia

Answer 26

False

Question 27

BIA stands for?

Answer 27

Business impact analysis

Question 28

The ceo always reports directly to the grc lead because grc is deemed a critical component of the business
True or false

Answer 28

False

Question 29

True or false
Security is not built into the SABSA model so its important for organizations to also implement zero trust

Answer 29

False

Question 30

True or false
Business continuity management is solely focused on the technical recovery of systems and processes after an event occurs

Answer 30

False