IT Risk Fundamentals

Here you have the best Isaca IT Risk Fundamentals practice exam questions

You have 9 total questions to study from
Each page has 5 questions, making a total of 2 pages
You can navigate through the pages using the buttons at the bottom
This questions were last updated on October 14, 2025
This site is not affiliated with or endorsed by Isaca.

Question 1 of 9

Which of the following is an example of an inductive method to gather information?

Controls gap analysis

Vulnerability analysis

Penetration testing

Correct Answer: A

Question 2 of 9

Which of the following provides the MOST important input for analyzing I&T-related risk?

Information about market trends and technology evolution

Information about past incidents, frequency, and loss to the organization

Information about threats and vulnerabilities

Correct Answer: B

Question 3 of 9

A risk practitioner has been tasked with analyzing new risk events added to the risk register. Which of the following analysis methods would BEST enable the risk practitioner to minimize ambiguity and subjectivity?

Annual loss expectancy (ALE)

Delphi method

Brainstorming

Correct Answer: B

Question 4 of 9

Which of the following risk analysis methods gathers different types of potential risk ideas to be validated and ranked by an individual or small groups during interviews?

Delphi technique

Monte Carlo analysis

Brainstorming model

Correct Answer: C

Question 5 of 9

Which of the following is a KEY contributing component for determining risk rankings to direct risk response?

Cost of mitigating controls

Severity of a vulnerability

Maturity of risk management processes

Correct Answer: B