Final Exam Review (Qns & Ans)
2025
1. What is the primary purpose of risk analysis in business?
A. To eliminate all risks entirely
B. To identify,
C. Competitive landscape
D. Organizational culture
ANS: A., B., C., D.
Rationale: All of these factors can influence an organization's
risk appetite. Industry regulations may impose certain risk
requirements. Financial resources can affect an organization's
©2025
ability to manage risk. The competitive landscape can influence
the risks that an organization is willing to take. And
organizational culture can shape an organization's overall
approach to risk.
Multiple Choice:
Question: Which risk management framework is widely
recognized and used by organizations worldwide?
A. COSO
B. ISO 31000
C. NIST Cybersecurity Framework
D. All of the above
ANS: D. All of the above
Rationale: These are all widely recognized and used risk
management frameworks. COSO is a framework for enterprise
risk management. ISO 31000 is an international standard for risk
management. The NIST Cybersecurity Framework is a framework
for managing cybersecurity risks.
Question: What is the primary purpose of a risk assessment?
A. To identify and analyze potential risks.
B. To develop risk response plans.
C. To monitor and control risks.
D. To communicate risk information to stakeholders.
ANS: A. To identify and analyze potential risks.
Rationale: The primary purpose of a risk assessment is to
identify and analyze potential risks, laying the foundation for
subsequent risk management activities.
Question: Which of the following is NOT a common risk
assessment technique?
A. Risk matrix
B. Risk register
C. Risk appetite statement
D. Risk heat map
ANS: C. Risk appetite statement
Rationale: A risk appetite statement defines an organization's
willingness to accept risk. It is not a risk assessment technique,
but rather a guiding principle for risk management.
Fill-in-the-Blank:
Question: A __ is a tool used to prioritize risks based on their
likelihood and impact.
ANS: Risk matrix
Question: The process of monitoring and controlling risks over
time is known as __.
ANS: Risk management
True/False:
Question: Risk mitigation strategies are always effective in
eliminating risk.
ANS: False