New Year Sale ! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

CIMA Exam CIMAPRO19-P03-1 Topic 1 Question 81 Discussion

Actual exam question for CIMA's CIMAPRO19-P03-1 exam
Question #: 81
Topic #: 1
[All CIMAPRO19-P03-1 Questions]

KLO is a major quoted car rental company The company is considering publishing its first cyber risk management report

AH rental bookings are made online Customers receive a booking reference number that they use to collect their cars from a convenient branch Customers enter their credit card details both so that KLO can take payment for their rental and also so that the customers can be charged automatically for late returns or damage to cars

KLO's management believes that it has three key areas of cyber risk Cyber criminals may wish to make bookings using fictitious data in order to steal KLO's cars, they may wish to use customers details to identify addresses of people who are away from home so that they can burgle houses and they may wish to abuse customer credit card details

KLO's Board is concerned that admitting to the nsk of stealing cars might encourage cnminals to exploit that vulnerability AJso. it is concerned that customers will be reluctant to rent cars if that would mean that their homes could be at risk of burglary while they are away The vulnerability of credit card details seems obvious and so the Board is not reluctant to admit to that.

Which TWO of the following are correct?

Show Suggested Answer Hide Answer
Suggested Answer: A, C

Contribute your Thoughts:

Iluminada
2 months ago
I bet the accountant will be signing the report with one hand while holding a baseball bat in the other, just in case the Board tries any funny business.
upvoted 0 times
...
Stephaine
2 months ago
The Board is worried about burglars targeting people's homes while they're renting cars? Sounds like they need to start a home security business too!
upvoted 0 times
Glory
1 months ago
C) The independent accountant who will express an opinion on the risks and controls will be unwilling to sign the report unless it contains a full account of all risks and controls
upvoted 0 times
...
Billy
1 months ago
B) If KLO's Board omits one of more areas of concern from the report then the independent accountant who will sign the report is unlikely to discover that omission
upvoted 0 times
...
Veronika
1 months ago
A) The Board should be clear about all sensitive information that the company holds, but should also be clear about the robust controls in place to safeguard that information.
upvoted 0 times
...
...
Julianna
2 months ago
E is just ridiculous. Stakeholders will definitely care about the vulnerabilities. A and C are the way to go.
upvoted 0 times
Katy
27 days ago
Yes, C is crucial too. The independent accountant will want a full account of all risks and controls before signing the report.
upvoted 0 times
...
Queenie
1 months ago
I think A is important, the Board should be clear about sensitive information and the controls in place.
upvoted 0 times
...
Kara
1 months ago
I agree, stakeholders will definitely care about the vulnerabilities.
upvoted 0 times
...
...
Veronika
2 months ago
D? Really? The accountant won't just accept what the Board says, they'll dig deeper. Gotta go with A and C.
upvoted 0 times
Jolene
2 months ago
Yeah, the accountant will definitely dig deeper and not just rely on what the Board says. A and C seem like the correct options.
upvoted 0 times
...
Jade
2 months ago
I think the independent accountant will definitely want a full account of all risks and controls before signing the report.
upvoted 0 times
...
Annice
2 months ago
I agree, the Board should be transparent about the sensitive information they hold and the controls in place.
upvoted 0 times
...
...
Lelia
2 months ago
But what if the Board omits some areas of concern? Will the accountant still sign the report?
upvoted 0 times
...
Adell
2 months ago
I agree with Buck. It's important for stakeholders to know that their information is protected.
upvoted 0 times
...
Buck
3 months ago
I think the Board should be clear about all sensitive information and the controls in place.
upvoted 0 times
...
Anika
3 months ago
I agree with A, but I'm not sure about C. Surely the accountant can't force the Board to disclose something they're not comfortable with.
upvoted 0 times
Louvenia
1 months ago
But can the accountant really force the Board to disclose everything they're uncomfortable with?
upvoted 0 times
...
Jeannetta
1 months ago
The independent accountant may not sign off on the report if it doesn't cover all risks and controls.
upvoted 0 times
...
Shanice
1 months ago
I agree, it's important for stakeholders to know how the company is safeguarding their data.
upvoted 0 times
...
Maybelle
2 months ago
I think the Board should be transparent about all sensitive information and also highlight the controls in place.
upvoted 0 times
...
...
Delila
3 months ago
A and C seem like the correct answers. The Board should be transparent about the risks, and the independent accountant should require a full account of the risks and controls.
upvoted 0 times
Domonique
2 months ago
C) The independent accountant who will express an opinion on the risks and controls will be unwilling to sign the report unless it contains a full account of all risks and controls
upvoted 0 times
...
Major
3 months ago
A) The Board should be clear about all sensitive information that the company holds, but should also be clear about the robust controls in place to safeguard that information.
upvoted 0 times
...
...

Save Cancel