PRACTICE QUESTIONS & ANSWERS
Grid Analysis, CRMA book I.B.5 - ANSWER: An effective decision-making process that
helps analyze the available options and weigh risks that can influence governance. Is a
more sophisticated version of paired comparison analysis. Weights the relative
importance of each of the factors. The relative weighting can be expressed numerically,
with each of the elements multiplied accordingly to determine an overall value for each
option. The one with the highest value indicates that it is the most appropriate choice.
cross-functional team - ANSWER: matrix
networks - ANSWER: orgs joining together in common objectives
Speculative risk - ANSWER: Risks that can be exploited for gain; or upside risk or
opportunity
Non-probabilistic risk assessment models - ANSWER: Sensitive analysis, scenario
analysis, and stress test
Probabilistic risk assessment models - ANSWER: Cash flow at risk, earnings at risk, back
testing
How is the COSO ERM framework different from the ISO 31000 guide? - ANSWER: The
COSO ERM framework is broad and includes ISO 31000 as a source of its input to the
development of the ERM framework
Monte Carlo Simulation - ANSWER: A process which generates hundreds or thousands
of probable performance outcomes based on probability distributions for cost and
schedule on individual tasks. The outcomes are then used to generate a probability
distribution for the project as a whole.
How is the IIA's Guide to the Assessment of IT Risk (GAIT) incorporated into the COSO
ERM framework? - ANSWER: Once the key risks are identified in a risk assessment, an
organization can use an appropriate framework for IT risks. GAIT would be used in
developing best practices and measures to manage and monitor IT risks.
Establishing Risk appetite - ANSWER: Not one of the formal components of the COSO
ERM framework
Internal audit risks - ANSWER: False assurance, audit failure, reputational risk