detailed answers
Risks - ✔✔The effect of uncertainty on objectives
The chance of something happening that will have an impact on objectives
Being prepared for the worst and being poised to exploit opportunities as they are discovered
Enterprise Risk Management - ✔✔A strategic business discipline that supports the achievement of an organization's objectives by addressing the full spectrum of its risks and managing the combined impact of those risks as an interrelated risk portfolio.
Support Function: Business continuity and crisis management - ✔✔Risk identification, assessment and creation of emergency response and recovery plans related to threats or hazards that might lead to operational disruptions
Analysis - ✔✔A systematic examination and evaluation of data or information by breaking it into its component parts to uncover their relationships. An examination of data and facts to uncover and understand cause-effect relationships, thus providing basis for problem solving and decision making.
To embed risk management in both routine and strategic decisions, what should managers be able to recognize? - ✔✔The type of decision being made; Who should be included in the decision making process; Where in the process decisions are being made
Risk management strategies' general focus - ✔✔Meeting or exceeding an organization's objectives
Adhering to control-based objectives, rules and/or controls
Complying with regulatory requirements
Support Function: Internal Audit - ✔✔Risk identification, assessment and treatment through audit plans with focus on fraud, corruption, regulatory noncompliance and/or misrepresentation related to the organization's internal control systems, financial operations, financial statements and reporting as well as enterprise risk and the organization's risk management framework and process.
What steps can the risk management professional take to embed risk management in decision making? - ✔✔Include risk assessment in planning process; Leverage cross-functional risk assessment team and subject matter experts to identify enterprise risks; Consider cascading and cumulative effects
Gap Analysis - ✔✔Technique that can be used to determine what steps might need to be taken to improve the organization's capacity to move from a current state to a desired future state.
Risk appetite - ✔✔The total exposed amount that an organization wishes to undertake on the basis of risk-return trade-offs for one or more desired and expected outcomes.
Communication and Consultation - ✔✔Risk management professional's role in Implementing Risk Strategies
Support Function: Legal - ✔✔Risk identification, assessment and treatment of risks related to the obligation an organization undertakes and transfers through contracting, as well as its compliance with applicable laws and regulatory obligations.
What are the typical failures in risk management which can be avoided if it is embedded in the decision making process? - ✔✔Program not integrated into strategy or its execution; Focused on the wrong risks; Not executed in a repeatable process; Risk management is practiced in a silo; Activity not viewed as being value added
Strategic Plan - ✔✔Determines what actions the organization will take at any stage of the planning period as circumstances change.
Risk owner - ✔✔The individual who is ultimately accountable for ensuring that risk is managed appropriately, including the implementation of selected responses.
Risk Identification Process - ✔✔Finding, Recognizing and Recording Risks
Support Function: Compliance - ✔✔Risk identification, assessment and treatment of risk related to regulations that may affect the organization's ability to operate in its respective jurisdictions, as well as activities that fall within its compliance and ethics programs.
To successfully integrate risk management into decision making, risk management professionals will rely on strategies that draw on personal and technical skills in - ✔✔Building organizational awareness; Differentiating the different types of decisions used in varying situations using elements of decision quality; Performing various roles in the taking risk into account in decision-making process
Strategy - ✔✔A complete plan of action for whatever situations might arise in achieving an organization's goals within the established time.
Risk tolerance - ✔✔The amount of uncertainty an organization is prepared to accept in total or more narrowly within a certain business unit, a particular risk category or for a specific initiative.
Strategic Risk Management - ✔✔A business discipline that drives deliberation and action regarding uncertainties and untapped opportunities that affect an organization's strategy and strategic execution.
Value Chain - ✔✔The series of functions, processes, materials and activities (inputs) from concept to the eventual end user that creates and builds value at every step in order to deliver a product or service.
To build organizational awareness, the risk management professional needs to do the following: - ✔✔Be a persuasive communicator and facilitator; Have a clear communication plan; Engage interested parties, including primary and secondary audiences; Demonstrate that risk management creates the most value; Develop feedback loops for continuous learning
Risk Analysis - ✔✔The process of characterizing and understanding the nature of risk and of considering the level of risk in the context of the organization's willingness to accept risk.
Support Function: Safety - ✔✔Risk identification, assessment and treatment of risks focused on preserving the physical well-being of employees and third parties.
Likelihood, Consequences, other criteria such as timing, duration, vulnerability and interdependencies - ✔✔Risk is typically analyzed on the basis of
Support Function: Information Security - ✔✔Risk Identification, assessment and treatment of risk arising out of or affecting information and technology infrastructure.
To build organizational awareness, risk management creates the most value when - ✔✔Risk management Aligns with strategic goals; Takes corporate culture into account; Involves key enterprise functions
Financial Statements - ✔✔Internal source of information that includes financial analytics or projections