Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca COBIT-Design-and-Implementation Exam - Topic 4 Question 32 Discussion

Actual exam question for Isaca's COBIT-Design-and-Implementation exam
Question #: 32
Topic #: 4
[All COBIT-Design-and-Implementation Questions]

When tailoring COBIT 2019 to enterprise requirements, which of the following is the PRIMARY objective of preparing a risk profile?

Show Suggested Answer Hide Answer
Suggested Answer: B

According to the COBIT 2019 Design Guide:

'A key purpose of defining a risk profile is to compare identified risks with the enterprise's risk appetite. This allows the organization to prioritize areas where risk levels exceed acceptable thresholds and guide risk treatment plans accordingly.'

The risk profile doesn't just highlight risks in general---it is specifically about those exceeding the enterprise's defined tolerance.


by Ronald at Jan 05, 2026, 05:16 AM

Limited Time Offer

25%

Off

Get Premium COBIT-Design-and-Implementation Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Rozella
1 day ago
Wait, are we sure it's not C? Disruption seems huge.
upvoted 0 times
...
Cathrine
6 days ago
Definitely A, mitigation is key!
upvoted 0 times
...
Henriette
11 days ago
I think it's more about business continuity, honestly.
upvoted 0 times
...
Andra
17 days ago
It's all about identifying risks that exceed appetite.
upvoted 0 times
...
Merrilee
22 days ago
D) is too narrow. The risk profile should identify risks that impact the whole business, not just continuity.
upvoted 0 times
...
Dawne
27 days ago
Haha, I bet the exam writers had a field day coming up with these answer choices. Gotta love those COBIT questions!
upvoted 0 times
...
Margarita
2 months ago
I think C) is a bit too specific. The risk profile should cover a broader range of risks, not just technology disruption.
upvoted 0 times
...
Bronwyn
2 months ago
The risk profile is all about understanding your organization's risk tolerance. Option B is clearly the right answer here.
upvoted 0 times
...
Micaela
2 months ago
B) To identify areas of risk that exceed risk appetite is the primary objective.
upvoted 0 times
...
Ilene
2 months ago
I thought the risk profile was mainly about identifying disruptive risks, so I’m torn between options B and C.
upvoted 0 times
...
Lashaun
2 months ago
I feel like option D could also be relevant since business continuity is crucial, but I’m uncertain if it’s the primary focus.
upvoted 0 times
...
Clarinda
2 months ago
I remember a practice question that focused on risk mitigation, so I might lean towards option A.
upvoted 0 times
...
Elden
3 months ago
I think the primary objective is about identifying risks that exceed risk appetite, but I'm not entirely sure.
upvoted 0 times
...
Beata
3 months ago
Ugh, risk management questions can be tricky. I'm not 100% sure about the nuances here. I think I'll eliminate the options about technology disruption and business continuity, since those seem more like secondary considerations. Then I'll have to decide between A and B. Hmm, I'll go with B for now, but I'm not super confident.
upvoted 0 times
...
Julian
3 months ago
I feel confident that the primary objective is to identify areas of risk that exceed the organization's risk appetite. That seems to be the core purpose of a risk profile in the COBIT framework. I'll mark B as my answer.
upvoted 0 times
...
Grover
3 months ago
Okay, let me think this through. The question is asking about the primary objective of preparing a risk profile when tailoring COBIT 2019. I'm pretty sure the goal is to get a comprehensive view of the organization's risks so they can be properly addressed, so I'll go with B.
upvoted 0 times
...
Marg
3 months ago
Hmm, I'm a bit unsure about this one. I know COBIT is all about managing IT risks, but I'm not sure if the primary objective is just to identify high-risk areas or something more specific. I might need to review my notes on COBIT 2019 risk management.
upvoted 0 times
...
Julie
3 months ago
This question seems straightforward - I think the primary objective is to identify areas of risk that exceed the organization's risk appetite, so I'll go with B.
upvoted 0 times
...

Save Cancel