1
RIMS-CRMP EXAM STUDY GUIDE 2026/2027 |
Complete Answers All Domains | Certified Risk
Management Professional | Pass Guaranteed - A+
Graded
DOMAIN 1: ANALYZING THE BUSINESS MODEL (Q1-30)
Subdomain 1A: External & Internal Environment Analysis (PESTLE, SWOT, Value
Chain) (Q1-15)
Question 1
A risk management team at a multinational manufacturing firm is analyzing the
external environment prior to entering a new Southeast Asian market. They identify
factors including: tightening environmental regulations on carbon emissions, rising
inflation rates, increasing consumer preference for sustainable products, adoption of
Industry 4.0 automation, new data privacy legislation, and frequent geopolitical
tensions in the region. Which analytical framework is most appropriate for
categorizing these factors systematically?
A. Root cause analysis
B. PESTLE analysis
C. Failure mode and effects analysis (FMEA)
D. Business impact analysis (BIA)
Correct Answer: B. PESTLE analysis [CORRECT]
Rationale: PESTLE (Political, Economic, Social, Technological, Legal, Environmental) is
the standard framework for systematic external macro-environmental scanning. Root
cause analysis (A) identifies sources of failures. FMEA (C) evaluates process failure
modes. BIA (D) assesses operational disruption impacts.
Question 2
During a PESTLE analysis, a risk professional categorizes "increasing minimum wage
legislation" under the Social factor. A colleague argues it belongs elsewhere. Which
PESTLE category is correct for labor wage regulations?
,2
A. Political
B. Economic
C. Social
D. Legal
Correct Answer: D. Legal [CORRECT]
Rationale: Minimum wage legislation is a statutory/regulatory requirement, making it
a Legal factor. While it has economic and social implications, the PESTLE framework
categorizes factors by their source nature. Political (A) refers to government stability
and policy direction. Economic (B) refers to market conditions. Social (C) refers to
demographics and cultural trends.
Question 3
A pharmaceutical company is evaluating its competitive position. It notes: high costs
for R&D and regulatory compliance, strong patent protection for its drugs, moderate
threat from generic substitutes, significant bargaining power of large hospital
purchasing groups, and intense rivalry among three major competitors. Which
strategic framework best describes this analysis?
A. SWOT analysis
B. Porter's Five Forces
C. Value chain analysis
D. Bow-tie analysis
Correct Answer: B. Porter's Five Forces [CORRECT]
Rationale: Porter's Five Forces analyzes competitive intensity through: threat of new
entrants, bargaining power of suppliers, bargaining power of buyers, threat of
substitutes, and competitive rivalry. SWOT (A) examines internal
strengths/weaknesses and external opportunities/threats. Value chain (C) examines
operational activities. Bow-tie (D) is a risk visualization tool.
Question 4
In a SWOT analysis for a regional bank, which of the following would be correctly
classified as an internal factor?
A. Emerging fintech competition
B. Stringent Basel III capital requirements
,3
C. Robust cybersecurity infrastructure
D. Rising interest rates
Correct Answer: C. Robust cybersecurity infrastructure [CORRECT]
Rationale: SWOT internal factors are Strengths and Weaknesses (controllable, within
the organization). Robust cybersecurity infrastructure is an internal strength.
Emerging competition (A), regulatory requirements (B), and interest rates (D) are
external Opportunities/Threats.
Question 5
A retail company's value chain analysis identifies activities including: receiving and
warehousing inventory, assembling product displays, delivering online orders,
operating customer service centers, and managing supplier negotiations. Which
activity is correctly classified as a support activity under Porter's value chain model?
A. Receiving and warehousing inventory
B. Assembling product displays
C. Delivering online orders
D. Managing supplier negotiations
Correct Answer: D. Managing supplier negotiations [CORRECT]
Rationale: Procurement (supplier negotiations) is a support activity in Porter's value
chain. Primary activities include inbound logistics (A), operations (B), outbound
logistics (C), marketing/sales, and service. Support activities include procurement,
technology development, human resource management, and firm infrastructure.
Question 6
A risk team analyzes a technology firm's external environment and identifies: rapid AI
advancement, increasing cloud computing adoption, and growing cybersecurity
threats. Under PESTLE, these factors belong in which category?
A. Economic
B. Technological
C. Social
D. Environmental
Correct Answer: B. Technological [CORRECT]
, 4
Rationale: AI advancement, cloud computing adoption, and cybersecurity threats are
Technological factors in PESTLE. Economic (A) refers to macroeconomic conditions.
Social (C) refers to cultural/demographic trends. Environmental (D) refers to
ecological/climate factors.
Question 7
During an internal environment review, a hospital identifies outdated electronic
health record systems, high nurse turnover rates, strong physician referral networks,
and excellent trauma center accreditation. In SWOT terminology, how many internal
factors are present?
A. One
B. Two
C. Three
D. Four
Correct Answer: D. Four [CORRECT]
Rationale: All four items are internal factors: outdated EHR systems (Weakness), high
nurse turnover (Weakness), strong referral networks (Strength), and trauma center
accreditation (Strength). SWOT internal factors include all strengths and weaknesses
regardless of whether they are positive or negative.
Question 8
A manufacturing firm's risk assessment identifies that its just-in-time inventory
system creates vulnerability to supply chain disruptions. In value chain analysis, this
risk is most closely associated with which primary activity?
A. Firm infrastructure
B. Inbound logistics
C. Technology development
D. Human resource management
Correct Answer: B. Inbound logistics [CORRECT]
Rationale: Just-in-time inventory and supply chain management are components of
inbound logistics (receiving, storing, and distributing inputs). Firm infrastructure (A)
includes general management and planning. Technology development (C) involves
R&D and process automation. HR management (D) involves recruitment and training.
RIMS-CRMP EXAM STUDY GUIDE 2026/2027 |
Complete Answers All Domains | Certified Risk
Management Professional | Pass Guaranteed - A+
Graded
DOMAIN 1: ANALYZING THE BUSINESS MODEL (Q1-30)
Subdomain 1A: External & Internal Environment Analysis (PESTLE, SWOT, Value
Chain) (Q1-15)
Question 1
A risk management team at a multinational manufacturing firm is analyzing the
external environment prior to entering a new Southeast Asian market. They identify
factors including: tightening environmental regulations on carbon emissions, rising
inflation rates, increasing consumer preference for sustainable products, adoption of
Industry 4.0 automation, new data privacy legislation, and frequent geopolitical
tensions in the region. Which analytical framework is most appropriate for
categorizing these factors systematically?
A. Root cause analysis
B. PESTLE analysis
C. Failure mode and effects analysis (FMEA)
D. Business impact analysis (BIA)
Correct Answer: B. PESTLE analysis [CORRECT]
Rationale: PESTLE (Political, Economic, Social, Technological, Legal, Environmental) is
the standard framework for systematic external macro-environmental scanning. Root
cause analysis (A) identifies sources of failures. FMEA (C) evaluates process failure
modes. BIA (D) assesses operational disruption impacts.
Question 2
During a PESTLE analysis, a risk professional categorizes "increasing minimum wage
legislation" under the Social factor. A colleague argues it belongs elsewhere. Which
PESTLE category is correct for labor wage regulations?
,2
A. Political
B. Economic
C. Social
D. Legal
Correct Answer: D. Legal [CORRECT]
Rationale: Minimum wage legislation is a statutory/regulatory requirement, making it
a Legal factor. While it has economic and social implications, the PESTLE framework
categorizes factors by their source nature. Political (A) refers to government stability
and policy direction. Economic (B) refers to market conditions. Social (C) refers to
demographics and cultural trends.
Question 3
A pharmaceutical company is evaluating its competitive position. It notes: high costs
for R&D and regulatory compliance, strong patent protection for its drugs, moderate
threat from generic substitutes, significant bargaining power of large hospital
purchasing groups, and intense rivalry among three major competitors. Which
strategic framework best describes this analysis?
A. SWOT analysis
B. Porter's Five Forces
C. Value chain analysis
D. Bow-tie analysis
Correct Answer: B. Porter's Five Forces [CORRECT]
Rationale: Porter's Five Forces analyzes competitive intensity through: threat of new
entrants, bargaining power of suppliers, bargaining power of buyers, threat of
substitutes, and competitive rivalry. SWOT (A) examines internal
strengths/weaknesses and external opportunities/threats. Value chain (C) examines
operational activities. Bow-tie (D) is a risk visualization tool.
Question 4
In a SWOT analysis for a regional bank, which of the following would be correctly
classified as an internal factor?
A. Emerging fintech competition
B. Stringent Basel III capital requirements
,3
C. Robust cybersecurity infrastructure
D. Rising interest rates
Correct Answer: C. Robust cybersecurity infrastructure [CORRECT]
Rationale: SWOT internal factors are Strengths and Weaknesses (controllable, within
the organization). Robust cybersecurity infrastructure is an internal strength.
Emerging competition (A), regulatory requirements (B), and interest rates (D) are
external Opportunities/Threats.
Question 5
A retail company's value chain analysis identifies activities including: receiving and
warehousing inventory, assembling product displays, delivering online orders,
operating customer service centers, and managing supplier negotiations. Which
activity is correctly classified as a support activity under Porter's value chain model?
A. Receiving and warehousing inventory
B. Assembling product displays
C. Delivering online orders
D. Managing supplier negotiations
Correct Answer: D. Managing supplier negotiations [CORRECT]
Rationale: Procurement (supplier negotiations) is a support activity in Porter's value
chain. Primary activities include inbound logistics (A), operations (B), outbound
logistics (C), marketing/sales, and service. Support activities include procurement,
technology development, human resource management, and firm infrastructure.
Question 6
A risk team analyzes a technology firm's external environment and identifies: rapid AI
advancement, increasing cloud computing adoption, and growing cybersecurity
threats. Under PESTLE, these factors belong in which category?
A. Economic
B. Technological
C. Social
D. Environmental
Correct Answer: B. Technological [CORRECT]
, 4
Rationale: AI advancement, cloud computing adoption, and cybersecurity threats are
Technological factors in PESTLE. Economic (A) refers to macroeconomic conditions.
Social (C) refers to cultural/demographic trends. Environmental (D) refers to
ecological/climate factors.
Question 7
During an internal environment review, a hospital identifies outdated electronic
health record systems, high nurse turnover rates, strong physician referral networks,
and excellent trauma center accreditation. In SWOT terminology, how many internal
factors are present?
A. One
B. Two
C. Three
D. Four
Correct Answer: D. Four [CORRECT]
Rationale: All four items are internal factors: outdated EHR systems (Weakness), high
nurse turnover (Weakness), strong referral networks (Strength), and trauma center
accreditation (Strength). SWOT internal factors include all strengths and weaknesses
regardless of whether they are positive or negative.
Question 8
A manufacturing firm's risk assessment identifies that its just-in-time inventory
system creates vulnerability to supply chain disruptions. In value chain analysis, this
risk is most closely associated with which primary activity?
A. Firm infrastructure
B. Inbound logistics
C. Technology development
D. Human resource management
Correct Answer: B. Inbound logistics [CORRECT]
Rationale: Just-in-time inventory and supply chain management are components of
inbound logistics (receiving, storing, and distributing inputs). Firm infrastructure (A)
includes general management and planning. Technology development (C) involves
R&D and process automation. HR management (D) involves recruitment and training.
