A qualitative risk assessment uses numerical values to calculate risk.

Risk acceptance is a strategy used when the cost of mitigating a risk exceeds the potential impact of the risk itself.

An IT audit is exactly the same as a financial audit, just focusing on different systems.

 What are the primary security benefits of automation in auditing? (Select all that apply)

Which of the following statements about GDPR are true? (Select all that apply)

 Effective risk identification techniques include: (Select all that apply)

Which of the following are types of Application Controls? (Select all that apply)

When presenting audit findings, what should a report include? (Select all that apply)

The purpose of a business continuity standard like ISO 22301 is to:

Which of the following are key benefits of integrating risk management within IT audit? (Select all that apply)