New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca COBIT-Design-and-Implementation Exam - Topic 4 Question 32 Discussion

Actual exam question for Isaca's COBIT-Design-and-Implementation exam
Question #: 32
Topic #: 4
[All COBIT-Design-and-Implementation Questions]

When tailoring COBIT 2019 to enterprise requirements, which of the following is the PRIMARY objective of preparing a risk profile?

Show Suggested Answer Hide Answer
Suggested Answer: B

According to the COBIT 2019 Design Guide:

'A key purpose of defining a risk profile is to compare identified risks with the enterprise's risk appetite. This allows the organization to prioritize areas where risk levels exceed acceptable thresholds and guide risk treatment plans accordingly.'

The risk profile doesn't just highlight risks in general---it is specifically about those exceeding the enterprise's defined tolerance.


by Ronald at Jan 05, 2026, 05:16 AM

Limited Time Offer

25%

Off

Get Premium COBIT-Design-and-Implementation Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Margarita
3 days ago
I think C) is a bit too specific. The risk profile should cover a broader range of risks, not just technology disruption.
upvoted 0 times
...
Bronwyn
8 days ago
The risk profile is all about understanding your organization's risk tolerance. Option B is clearly the right answer here.
upvoted 0 times
...
Micaela
13 days ago
B) To identify areas of risk that exceed risk appetite is the primary objective.
upvoted 0 times
...
Ilene
18 days ago
I thought the risk profile was mainly about identifying disruptive risks, so I’m torn between options B and C.
upvoted 0 times
...
Lashaun
24 days ago
I feel like option D could also be relevant since business continuity is crucial, but I’m uncertain if it’s the primary focus.
upvoted 0 times
...
Clarinda
29 days ago
I remember a practice question that focused on risk mitigation, so I might lean towards option A.
upvoted 0 times
...
Elden
1 month ago
I think the primary objective is about identifying risks that exceed risk appetite, but I'm not entirely sure.
upvoted 0 times
...
Beata
1 month ago
Ugh, risk management questions can be tricky. I'm not 100% sure about the nuances here. I think I'll eliminate the options about technology disruption and business continuity, since those seem more like secondary considerations. Then I'll have to decide between A and B. Hmm, I'll go with B for now, but I'm not super confident.
upvoted 0 times
...
Julian
1 month ago
I feel confident that the primary objective is to identify areas of risk that exceed the organization's risk appetite. That seems to be the core purpose of a risk profile in the COBIT framework. I'll mark B as my answer.
upvoted 0 times
...
Grover
2 months ago
Okay, let me think this through. The question is asking about the primary objective of preparing a risk profile when tailoring COBIT 2019. I'm pretty sure the goal is to get a comprehensive view of the organization's risks so they can be properly addressed, so I'll go with B.
upvoted 0 times
...
Marg
2 months ago
Hmm, I'm a bit unsure about this one. I know COBIT is all about managing IT risks, but I'm not sure if the primary objective is just to identify high-risk areas or something more specific. I might need to review my notes on COBIT 2019 risk management.
upvoted 0 times
...
Julie
2 months ago
This question seems straightforward - I think the primary objective is to identify areas of risk that exceed the organization's risk appetite, so I'll go with B.
upvoted 0 times
...

Save Cancel