RIMS CRMP Complete Study Guide; 1 Analyze the Business Model,
2 Developing Organizational Risk Strategies,
3 RIMS CRMP-Implementing the Risk Process,
4 Developing Organizational Risk Management Competency,
5 Supporting Decision Making
1. Risks: The effect of uncertainty on objectives
The chance of something happening that will have an impact on objectives Being
prepared for the worst and being poised to exploit opportunities as they
arediscovered
2. Enterprise Risk Management: A strategic business discipline that supports
theachievement of an organization's objectives by addressing the full spectrum of
itsrisks and managing the combined impact of those risks as an interrelated risk
portfolio.
3. Support Function: Business continuity and crisis management: Risk iden-
tification, assessment and creation of emergency response and recovery plans
related to threats or hazards that might lead to operational disruptions
4. Analysis: A systematic examination and evaluation of data or information by
breaking it into its component parts to uncover their relationships. An
examinationof data and facts to uncover and understand
,cause-effect relationships, thus providing basis for problem solving and decision
making.
5. To embed risk management in both routine and strategic decision, what should
managers be able to recognize?: The type of decision being made; Whoshould be
included in the decision making process; Where in the process decisionsare being
made
6. Risk management strategies' general focus: Meeting or exceeding an orga-
nization's objectives
Adhering to control-based objectives, rules and/or controlsComplying with
regulatory requirements
7. Support Function: Internal Audit: Risk identification, assessment and treat- ment
through audit plans with focus on fraud, corruption, regulatory noncomplianceand/or
misrepresentation related to the organization's internal control systems, financial
operations, financial statements and reporting as well as enterprise risk and the
organization's risk management framework and process.
8. What steps can the risk management professional take to embed risk management
in decision making?: Include risk assessment in planning process;Leverage cross-
functional risk assessment team and subject matter experts to identify enterprise
risks; Consider cascading and cumulative effects
,9. Gap Analysis: Technique that can be used to determine what steps might need to
be taken to improve the organization's capacity to move from a current state toa
desired future state.
10. Risk appetite: The total exposed amount that an organization wishes to un-
dertake on the basis of risk-return trade-offs for one or more desire and
expectedoutcomes.
11. Communication and Consultation: Risk management professional's role
inImplementing Risk Strategies
12. Support Function: Legal: Risk identification, assessment and treatment of risks
related to the obligation an organization undertakes and transfers through
contracting, as well as its compliance with applicable laws and regulatory obliga-
tions.
13. What are the typical failures in risk management which can be avoided ifit is
embedded in the decision making process?: Program not integrated into strategy or
its execution; Focused on the wrong risks; Not executed in a repeatableprocess; Risk
management is practiced in a silo; Activity not viewed as being valueadded
14. Strategic Plan: Determines that actions the organization will take at any stageof
the planning period as circumstances change.
15. Risk owner: The individual who is ultimately accountable for ensuring
that riskis managed appropriately, including the implementation of selected
, responses.
16. Risk Identification Process: Finding, Recognizing and Recording Risks
17. Support Function: Compliance: Risk identification, assessment and treat- ment of
risk related to regulations that may affect the organization's ability to oper-ate in its
respective jurisdictions, as well as activities that fall within its complianceand ethics
programs.
18. To successfully integrate risk management into decision making, risk
management professionals will rely on strategies that draw on personal and
technical skills in: Building organizational awareness; . Differentiating the
different types of decisions used in varying situations using elements of decision
quality; Performing various roles in the taking risk into account in decision-
makingprocess
2 Developing Organizational Risk Strategies,
3 RIMS CRMP-Implementing the Risk Process,
4 Developing Organizational Risk Management Competency,
5 Supporting Decision Making
1. Risks: The effect of uncertainty on objectives
The chance of something happening that will have an impact on objectives Being
prepared for the worst and being poised to exploit opportunities as they
arediscovered
2. Enterprise Risk Management: A strategic business discipline that supports
theachievement of an organization's objectives by addressing the full spectrum of
itsrisks and managing the combined impact of those risks as an interrelated risk
portfolio.
3. Support Function: Business continuity and crisis management: Risk iden-
tification, assessment and creation of emergency response and recovery plans
related to threats or hazards that might lead to operational disruptions
4. Analysis: A systematic examination and evaluation of data or information by
breaking it into its component parts to uncover their relationships. An
examinationof data and facts to uncover and understand
,cause-effect relationships, thus providing basis for problem solving and decision
making.
5. To embed risk management in both routine and strategic decision, what should
managers be able to recognize?: The type of decision being made; Whoshould be
included in the decision making process; Where in the process decisionsare being
made
6. Risk management strategies' general focus: Meeting or exceeding an orga-
nization's objectives
Adhering to control-based objectives, rules and/or controlsComplying with
regulatory requirements
7. Support Function: Internal Audit: Risk identification, assessment and treat- ment
through audit plans with focus on fraud, corruption, regulatory noncomplianceand/or
misrepresentation related to the organization's internal control systems, financial
operations, financial statements and reporting as well as enterprise risk and the
organization's risk management framework and process.
8. What steps can the risk management professional take to embed risk management
in decision making?: Include risk assessment in planning process;Leverage cross-
functional risk assessment team and subject matter experts to identify enterprise
risks; Consider cascading and cumulative effects
,9. Gap Analysis: Technique that can be used to determine what steps might need to
be taken to improve the organization's capacity to move from a current state toa
desired future state.
10. Risk appetite: The total exposed amount that an organization wishes to un-
dertake on the basis of risk-return trade-offs for one or more desire and
expectedoutcomes.
11. Communication and Consultation: Risk management professional's role
inImplementing Risk Strategies
12. Support Function: Legal: Risk identification, assessment and treatment of risks
related to the obligation an organization undertakes and transfers through
contracting, as well as its compliance with applicable laws and regulatory obliga-
tions.
13. What are the typical failures in risk management which can be avoided ifit is
embedded in the decision making process?: Program not integrated into strategy or
its execution; Focused on the wrong risks; Not executed in a repeatableprocess; Risk
management is practiced in a silo; Activity not viewed as being valueadded
14. Strategic Plan: Determines that actions the organization will take at any stageof
the planning period as circumstances change.
15. Risk owner: The individual who is ultimately accountable for ensuring
that riskis managed appropriately, including the implementation of selected
, responses.
16. Risk Identification Process: Finding, Recognizing and Recording Risks
17. Support Function: Compliance: Risk identification, assessment and treat- ment of
risk related to regulations that may affect the organization's ability to oper-ate in its
respective jurisdictions, as well as activities that fall within its complianceand ethics
programs.
18. To successfully integrate risk management into decision making, risk
management professionals will rely on strategies that draw on personal and
technical skills in: Building organizational awareness; . Differentiating the
different types of decisions used in varying situations using elements of decision
quality; Performing various roles in the taking risk into account in decision-
makingprocess
