A business model is a set of assumptions about the: - ANSWER Way an organization cre-
ates value
What two analytical tools are particularly useful in analyzing the business model? - AN-
SWER Value chain analysis and benchmarking
Risk management professionals conduct supply-chain analysis to identify: - ANSWER Po-
tential vulnerabilities to the organization
Which activity does the risk management professional perform immediately after obtaining
internal and external information about the organization? - ANSWER Organize the infor-
mation
Which risk identification and analysis technique should a risk management professional use
in order to gather information from multiple departments in a brainstorming session that
helps to identify shared risks within an organization? - ANSWER Workshops
When analyzing an organization's value chain, which of the following would be considered a
primary activity? - ANSWER Outbound logistics
The organization's resources and internal support are _____ the risk management strategy?
- ANSWER Inputs in the development of
When defining the success measures for the organization's risk strategy, the risk manage-
ment professional will include which of the following steps? - ANSWER A review of the
goals and objectives of the risk strategy
1
, Which of the following BEST guides an organization's risk management decision-making pro-
cess? - ANSWER Risk strategy approach
An effective risk communication strategy requires the selection of appropriate: - ANSWER
Media channels
A business model is a set of assumptions about the: - ANSWER Way an organization cre-
ates value
Which of the following is considered a risk analysis technique? - ANSWER Monte Carlo
simulation
When an operational area develops a treatment for a critical risk, the risk management pro-
fessional MUST: - ANSWER Evaluate the impact upon other areas
A risk management professional advises management on the status of key risks by: - AN-
SWER Providing insights into the changing characteristics of a risk
STEEP is a method used for strategic planning. The acronym STEEP stands for: - ANSWER
Social, technological, economic, environmental, political
Once risks have been analyzed, the risk management professional should evaluate the risks
against the risk_____ - ANSWER Appetite
After validating the training criteria, a risk management professional: - ANSWER Sched-
ules and conducts training
What can a risk management professional recommend to management to protect an organi-
zation's critical infrastructure from a cyber attack? - ANSWER Implement password proto-
cols
2
ates value
What two analytical tools are particularly useful in analyzing the business model? - AN-
SWER Value chain analysis and benchmarking
Risk management professionals conduct supply-chain analysis to identify: - ANSWER Po-
tential vulnerabilities to the organization
Which activity does the risk management professional perform immediately after obtaining
internal and external information about the organization? - ANSWER Organize the infor-
mation
Which risk identification and analysis technique should a risk management professional use
in order to gather information from multiple departments in a brainstorming session that
helps to identify shared risks within an organization? - ANSWER Workshops
When analyzing an organization's value chain, which of the following would be considered a
primary activity? - ANSWER Outbound logistics
The organization's resources and internal support are _____ the risk management strategy?
- ANSWER Inputs in the development of
When defining the success measures for the organization's risk strategy, the risk manage-
ment professional will include which of the following steps? - ANSWER A review of the
goals and objectives of the risk strategy
1
, Which of the following BEST guides an organization's risk management decision-making pro-
cess? - ANSWER Risk strategy approach
An effective risk communication strategy requires the selection of appropriate: - ANSWER
Media channels
A business model is a set of assumptions about the: - ANSWER Way an organization cre-
ates value
Which of the following is considered a risk analysis technique? - ANSWER Monte Carlo
simulation
When an operational area develops a treatment for a critical risk, the risk management pro-
fessional MUST: - ANSWER Evaluate the impact upon other areas
A risk management professional advises management on the status of key risks by: - AN-
SWER Providing insights into the changing characteristics of a risk
STEEP is a method used for strategic planning. The acronym STEEP stands for: - ANSWER
Social, technological, economic, environmental, political
Once risks have been analyzed, the risk management professional should evaluate the risks
against the risk_____ - ANSWER Appetite
After validating the training criteria, a risk management professional: - ANSWER Sched-
ules and conducts training
What can a risk management professional recommend to management to protect an organi-
zation's critical infrastructure from a cyber attack? - ANSWER Implement password proto-
cols
2
