RIMS - CRMP Complete Study Guide
1. Risks: The effect of uncertainty on objectives
The chance of something happening that will have an impact on objectives
Being prepared for the worst and being poised to exploit opportunities as they are discovered
2. Enterprise Risk Management: A strategic business discipline that supports the achievement of an organization's objectives by addressing the full spectrum of its risks and managing the combined impact of those risks as an interrelated risk portfolio.
3. Support Function: Business continuity and crisis management: Risk identification, assessment and creation of emergency response and recovery plans related to threats or hazards that might lead to operational disruptions
4. Analysis: A systematic examination and evaluation of data or information by breaking it into its component parts to uncover their relationships. An examination of data and facts to uncover and understand cause-effect relationships, thus providing basis for problem solving and decision making.
5. To embed risk management in both routine and strategic decisions, what should managers be able to recognize?: The type of decision being made; Who should be included in the decision making process; Where in the process decisions are being made
6. Risk management strategies' general focus: Meeting or exceeding an organization's objectives
Adhering to control-based objectives, rules and/or controls
Complying with regulatory requirements
7. Support Function: Internal Audit: Risk identification, assessment and treatment through audit plans with focus on fraud, corruption, regulatory noncompliance and/or misrepresentation related to the organization's internal control systems, financial operations, financial statements and reporting as well as enterprise risk and the organization's risk management framework and process.
8. What steps can the risk management professional take to embed risk management in decision making?: Include risk assessment in planning process; Leverage cross-functional risk assessment team and subject matter experts to identify enterprise risks; Consider cascading and cumulative effects
9. Gap Analysis: Technique that can be used to determine what steps might need to be taken to improve the organization's capacity to move from a current state to a desired future state.
10. Risk appetite: The total exposed amount that an organization wishes to undertake on the basis of risk-return trade-offs for one or more desired and expected outcomes.
11. Communication and Consultation: Risk management professional's role in Implementing Risk Strategies
12. Support Function: Legal: Risk identification, assessment and treatment of risks related to the obligation an organization undertakes and transfers through contracting, as well as its compliance with applicable laws and regulatory obligations.
13. What are the typical failures in risk management which can be avoided if it is embedded in the decision making process?: Program not integrated into strategy or its execution; Focused on the wrong risks; Not executed in a repeatable process; Risk management is practiced in a silo; Activity not viewed as being value added
14. Strategic Plan: Determines what actions the organization will take at any stage of the planning period as circumstances change.
15. Risk owner: The individual who is ultimately accountable for ensuring that risk is managed appropriately, including the implementation of selected responses.
16. Risk Identification Process: Finding, Recognizing and Recording Risks
17. Support Function: Compliance: Risk identification, assessment and treatment of risk related to regulations that may affect the organization's ability to operate in its respective jurisdictions, as well as activities that fall within its compliance and ethics programs.
18. To successfully integrate risk management into decision making, risk man