ABC produces fashion garments for sale m its chain of high street retail outlets.
Which THREE of the following activities would result m the organisation having to review its cyber security risks management program?
Some sensitive computer systems are particularly attractive to cyber criminals. Passwords may be used as one element of restricting access to legitimate users, but the password systems should be designed with great care.
Which of the following methods would enhance a password access system?
P is a consulting firm that provides technical advice to the oil industry. The company has consulting teams that specialise in specific areas, namely drilling, off-shore, health and safety, oil well management and ng management. Each team's consultants are charged out to clients at the same daily rate.
The demand for different skill sets varies constantly due to factors such as movements in oil prices. Exploration increases when the oil price rises and there is a greater focus on maintaining existing wells when the price fans.
The performance of P's sales team is measured in terms of revenue, based on the number of consultancy days sold Frequently the sales team agree to contracts without first checking that the relevant consulting team has consultants available. The work then has to be undertaken by subcontractors at P's expense. Sub-contractors cost more and their use can also lead to P's own consultants being under-utilised when assignments could have been scheduled more efficiently.
Which TWO of the following would correct this behavior?
An oil company has entered into a joint venture with a competing oil company to develop a new oil field. The joint venture arrangement is intended to mitigate the risks associated with developing the oil field.
The following disclosure appears in the oil company's risk report:
"Many of our large projects and operations are conducted through joint ventures. These arrangements involve complex risk allocation and indemnification arrangements and we have less control over these activities than we would have if we had full ownership and control. Our partners may have economic or business interests that are opposed to ours, and may exercise the right to block key decisions or actions. We believe the joint arrangement is in our best interest."
Which of the following statements are correct?
D is a large oil refinery.
The managers have identified four risks shown in the risk map below:
Which of the risk mitigations listed below would be the best for dealing with the two risks classified as medium likelihood and high impact?
XYZ is unhappy with the way it decides on the likelihood and impact of risks when it completes the TARA matrix XYZ has decided to try other ways to get more consensus over the evaluation of risks as high, medium and low impact and likelihood
Which of the following methods is likely to be most successful?
BCD has recently experienced a cyber security breach which fortunately was carried out by someone more interested in demonstrating the weakness in its defence than by someone malicious
This has made BCD realise that its cyber defence is inadequate BCD has engaged a cyber security consultant who has advised BCD to set up a Computer Incident Response Team (GIRT)
What THREE of the following activities would this CIRT have responsibility for?
Recruit specialist security staff to avoid an incident
ZZ is a data security company that is responsible for cyber security m a large shopping mall 21 uses Network Configuration Management (NCM) to assist it in meeting the various needs of the mall's user community.
Which THREE of the following are advantages provided by NCM?
As part of risk assessment exercise for a low-cost airline you are requested to match the risks listed below with the most approriate method of minimising or dealing with each risk.
P Ltd manufactures and sells electrical goods through retail outlets.
N is P Ltd's Sales Director. He has been recently promoted from a senior sales position with P Ltd. He has been forced to spend the first six months as Sales Director on dealing with an administrative mess left behind by the previous sales director.
You are a Senior Management Accountant at P Ltd. You have worked with N for many years.
N has worked hard and has made many changes that have brought significant benefit to the business.
N has asked you to postpone the recording of some purchase invoices so that he will meet his quarterly targets on profit margin.
What should you do?
