RIMS - CRMP Complete Study Guide;
Questions with Detailed Verified Answers
Risks Ans: The effect of uncertainty on objectives
The chance of something happening that will have an impact on
objectives
Being prepared for the worst and being poised to exploit opportunities as
they are discovered
Enterprise Risk Management Ans: A strategic business discipline that
supports the achievement of an organization's objectives by addressing
the full spectrum of its risks and managing the combined impact of those
risks as an interrelated risk portfolio.
Support Function: Business continuity and crisis management Ans: Risk
identification, assessment and creation of emergency response and
recovery plans related to threats or hazards that might lead to
operational disruptions
Analysis Ans: A systematic examination and evaluation of data or
information by breaking it into its component parts to uncover their
relationships. An examination of data and facts to uncover and
understand cause-effect relationships, thus providing basis for problem
solving and decision making.
To embed risk management in both routine and strategic decision, what
should managers be able to recognize? Ans: The type of decision being
made; Who should be included in the decision making process; Where in
the process decisions are being made
Risk management strategies' general focus Ans: Meeting or exceeding
an organization's objectives
Adhering to control-based objectives, rules and/or controls
Complying with regulatory requirements
Support Function: Internal Audit Ans: Risk identification, assessment
and treatment through audit plans with focus on fraud, corruption,
regulatory noncompliance and/or misrepresentation related to the
organization's internal control systems, financial operations, financial
statements and reporting as well as enterprise risk and the organization's
risk management framework and process.
What steps can the risk management professional take to embed risk
management in decision making? Ans: Include risk assessment in
planning process; Leverage cross-functional risk assessment team and
subject matter experts to identify enterprise risks; Consider cascading
and cumulative effects
Gap Analysis Ans: Technique that can be used to determine what steps
might need to be taken to improve the organization's capacity to move
from a current state to a desired future state.
Risk appetite Ans: The total exposed amount that an organization
wishes to undertake on the basis of risk-return trade-offs for one or more
desired and expected outcomes.
Communication and Consultation Ans: Risk management professional's
role in Implementing Risk Strategies
Support Function: Legal Ans: Risk identification, assessment and
treatment of risks related to the obligation an organization undertakes
and transfers through contracting, as well as its compliance with
applicable laws and regulatory obligations.
What are the typical failures in risk management which can be avoided if
it is embedded in the decision making process? Ans: Program not
integrated into strategy or its execution; Focused on the wrong risks; Not
executed in a repeatable process; Risk management is practiced in a silo;
Activity not viewed as being value added
Strategic Plan Ans: Determines what actions the organization will take at
any stage of the planning period as circumstances change.
Risk owner Ans: The individual who is ultimately accountable for
ensuring that risk is managed appropriately, including the
implementation of selected responses.
Risk Identification Process Ans: Finding, Recognizing and Recording
Risks
Support Function: Compliance Ans: Risk identification, assessment and
treatment of risk related to regulations that may affect the organization's
ability to operate in its respective jurisdictions, as well as activities that
fall within its compliance and ethics programs.
To successfully integrate risk management into decision making, risk
management professionals will rely on strategies that draw on personal
and technical skills in Ans: Building organizational awareness;
Differentiating the different types of decisions used in varying situations
using elements of decision quality; Performing various roles in the taking
risk into account in decision-making process
Strategy Ans: A complete plan of action for whatever situations might
arise in achieving an organization's goals within the established time.
Risk tolerance Ans: The amount of uncertainty an organization is
prepared to accept in total or more narrowly within a certain business
unit, a particular risk category or for a specific initiative.
Strategic Risk Management Ans: A business discipline that drives
deliberation and action regarding uncertainties and untapped
opportunities that affect an organization's strategy and strategic
execution.