The GRC analyst job role — Quiz
The GRC analyst job role
1. According to the text, which of the following is NOT listed as a potential role to pivot from into a GRC analyst position? (Choose one answer)
   a) SOC Analyst
   b) Quality Assurance role
   c) Software Developer
   d) Policy Analyst

2. Which NIST publication is specifically mentioned as a "Guide for Conducting Risk Assessments"? (Choose one answer)
   a) NIST SP 800-37
   b) NIST SP 800-53
   c) NIST SP 800-30
   d) NIST CSF

3. Which industry certification is described as "ideal for mid-career IT/IS audit, risk, and security professionals"? (Choose one answer)
   a) CISA
   b) CRISC
   c) CISM
   d) ISO 27001 Lead Auditor

4. A key responsibility of a GRC analyst is establishing compliance procedures for various regulations. Which regulation is correctly paired with its industry? (Choose one answer)
   a) PCI DSS - Health Care
   b) HIPAA - Health Care
   c) FISMA - Financial Services
   d) GDPR - Department of Defense

5. Which of the following frameworks is developed and maintained by the American Institute of Certified Public Accountants (AICPA)? (Choose one answer)
   a) NIST CSF
   b) ISO/IEC 27001
   c) SOC 2
   d) CMMC