Management's Responsibility for Enterprise Risk Management and Internal Control Exam Questions And Answers
/.What are the components of a governance framework? - Answer-✅Enterprise Risk
Management (ERM) and Internal Control
/.What does Enterprise Risk Management deal with? - Answer-✅Identifying, assessing,
and managing risks
/.Internal control is a process to do what? - Answer-✅a process effected by an entity's
oversight body, management, and their personnel that provides reasonable assurance
that the objectives of an entity will be achieved
/.Risks arise from a variety of external and internal environments including? - Answer-
✅Economic, operational, and organizational change factors
/.What 2 authoritative guidance documents are at the center of requirements to improve
accountability in federal government programs and operations? - Answer-✅Federal
Managers Financial Integrity Act (FMFIA) of 1982 and OMB Circular A-123
/.Who are international standard setters in the fields of risk management and internal
control that incorporate internal control as part of the larger risk management process? -
Answer-✅Committee of Sponsoring Organizations (COSO) and the International
Organization for Standardization (ISO)
/.What legal framework requires ongoing evaluations and reports of the adequacy of the
systems of internal accounting and administrative control of each Executive agency?
(Annual Statement of Assurance) - Answer-✅Federal Managers Financial Integrity Act
(FMFIA) of 1982
/.What circular provides guidance to Federal managers on establishing an enterprise
risk management capability and on improving the accountability and effectiveness of
Federal programs and operations by establishing, assessing, correcting, and reporting
internal control? - Answer-✅OMB Circular A-123
/.What implemented the FMFIA of 1982 within the Executive branch? - Answer-✅OMB
Circular A-123
/.What required the U.S. GAO to establish the standards for internal controls in the
federal government? (Green book) - Answer-✅FMFIA of 1982
/.What was established to implement the FMFIA of 1982 and OMB Circular A-123 within
the DoD? - Answer-✅DoD Managers Internal Control Program, DoDI 5010.40
/.What does the DoDI 5010.40 provide guidance for? - Answer-✅Guidance for DoD
Management to apply in reviewing, assessing, and reporting on the effectiveness of
internal controls within their respective organizations
/.What directive made agencies report goals and objectives? - Answer-✅Government
Performance and Results Act Modernization Act (GPRAMA)
/.What are the objectives of the FMFIA of 1982? (3 things) - Answer-✅1) Obligations
and Costs are in compliance with applicable law
2) Funds, property, and other assets are safeguarded against waste, loss, unauthorized
use, or misappropriation
3) Revenues and expenditures are properly recorded and accounted for
/.FMFIA requires the head of each Executive agency to submit annually to the President
and Congress? (2 things) - Answer-✅1) Statement of Assurance
2) Report on material weaknesses in the agency's controls
/.What is the definition of ERM as defined by OMB? - Answer-✅An effective
agency-wide approach to addressing the full spectrum of the organization's external and internal
risks by understanding the combined impact of risks as an interrelated portfolio, rather
than addressing risks only within silos
/.An ERM program, when established, should? - Answer-✅Be fully integrated into
agency decision-making processes (setting the tone at the top)
/.True or False: OMB A-123 requires each agency to develop an Annual Risk profile? -
Answer-✅True
/.What is the primary purpose of a risk profile? - Answer-✅to provide a thoughtful
analysis of the risks an agency faces towards achieving its strategic objectives and
arising from its activities and operations
/.What are the 7 components as prescribed by OMB A-123 when agencies develop a
risk profile? - Answer-✅1) Identification of Objectives
2) Identification of Risk