Risk Analysis Flashcards

Question 1

Q

Risk Analysis in the context of an audit

Answer

A

Is the activity that is used to determine the areas that warrant additional examination and analysis.

Question 2

Q

IT Framework majors activities

Answer

A

Risk governance
Risk evaluation
Risk Response

Question 3

Q

First phase of a risk analysis

Answer

A

An evaluation of the business processes.

Question 4

Q

Purpose of evaluating business purpose

Answer

A

To determine the purpose, importance, and effectiveness of business activities

Question 5

Q

Why an auditor performs a threat analysis

Answer

A

to identify and catalog risks

Question 6

Q

What is a threat analysis

Answer

A

an activity whereby the auditor considers a large body of possible threats and selects those that have some reasonable possibility of occurrence, however small.

Question 7

Q

Impact

Answer

A

A short description of the results if the threat is actually realized.

Question 8

Q

Possible mitigating controls

Answer

A

This is a list of one or more countermeasures that can reduce the probability or the impact of the threat, or both.

Question 9

Q

When the IS auditor is conducting a risk analysis prior to an audit,

Answer

A

risk mitigation may take the form of additional audit scrutiny on certain activities during the audit.

Brainscape's Knowledge GenomeTM

Risk Analysis Flashcards

Brainscape's Knowledge Genome^TM