























This study guide provides a concise overview of key concepts and definitions relevant to the RIMS CRMP exam. It covers essential topics such as benchmarking, corporate governance, enterprise risk management, risk appetite, root cause analysis, strategic risk management, SWOT analysis, SMART goals, value chain, and risk management principles. The guide includes definitions and explanations of key terms, making it a valuable resource for exam preparation.
Typology: Exams
Benchmarking - ANSWER The process of measuring the performance of an organization against external standards of reference that frequently come from similar organizations doing similar things.
Corporate Governance - ANSWER The system of rules, practices and processes by which a company is directed and controlled.
Enterprise Risk Management - ANSWER A strategic discipline that supports the achievement of an organization's objectives by addressing the full spectrum of its risk and managing the combined impact of those risks as an interrelated risk portfolio.
Risk Appetite or Risk Tolerance - ANSWER The amount of uncertainty the organization is willing to accept in the aggregate, or in any specific business unit, category, or endeavor.
Root Cause - ANSWER A factor that, if removed from a chain of events, causes a problem not to occur or lessens the impact of a problem.
Root Cause Analysis - ANSWER A problem-solving methodology used to find the root causes of problems.
Strategic risk management (SRM) - ANSWER A business discipline that drives deliberation and action regarding uncertainties and untapped opportunities that affect an organization's strategy and strategy execution.
SWOT analysis - ANSWER SWOT is an acronym for Strengths, Weaknesses, Opportunities, and Threats and is an analytical approach for environmental scanning that combines internal and external context with obstacles and accelerators to success in achieving objectives.
SMART goals - ANSWER SMART is an acronym for Simple, Measurable, Achievable, Realistic and Timely and refers to characteristics of high quality goals and objectives.
Value Chain - ANSWER A high-level model developed by Michael Porter used to describe the process whereby businesses receive raw materials, add value to the raw materials through various processes into a finished product and then sell that end product to customers. Companies perform value-chain analysis by examining each production step involved in making a product and identify methods of making the chain more efficient. Overall, the goal is to provide maximum value at the lowest possible total cost and to achieve a competitive advantage.
A business model is a set of assumptions about the - ANSWER way an organization creates value
What two analytical tools are especially helpful to analyze the business model? - ANSWER Value chain analysis and benchmarking
Risk management professionals conduct supply-chain analysis to identify - ANSWER potential vulnerabilities to the organization
Which activity does the risk management professional perform immediately after obtaining internal and external information about the organization? - ANSWER Organize the information
The organisation's resources and internal support are ________ the risk management strategy - ANSWER inputs in the development of
When establishing the success measures for the organization's risk strategy the risk management professional will include which of the following steps? - ANSWER A review of the goals and objectives of the risk strategy
Which of the following is considered to be a risk analysis technique? - ANSWER Monte Carlo Simulation
Risk Attitude - ANSWER An organization's or individuals' view/perspective of the perceived qualitative and quantitative value that may be gained in comparison to the related potential loss or losses.
Risk Culture - ANSWER The set of beliefs, values, norms and habits of people and groups in the conduct of an organization that defines the manner in which they identify, perceive, discuss and act towards the risk(s) the organization faces and accepts.
Risk Champion - ANSWER Any individual within an organization who is a leader and influences his or her peers on the value risk management brings to the organization.
Risk governance - ANSWER The architecture within which risk management operates in a company
When risk owners are assisted in the development of risk treatment, it needs to be
A. Take a view of risk as equal
B. To take a business view of the risk
C. Be designed to generate positive ROI in the present year
D. Approval from the Board of Directors - ANSWER B. Risk in business perspective
The risk management practitioner should base information about the business model on
A. Industrial trends
B. Annual reports
C. Analyst reviews
D. Strategic goals - ANSWER D. Strategic goals
If seeking to advise the organization on risks, what type of relationship model should the risk management professional seek to adopt?
A. Compliance
B. Operational
C. Partnership
D. Sales - ANSWER C. Partnership
Which of the following might indicate that the risk context for an organization could be about to change?
A. The organization buys another business
B. The organization changes insurance broker
C. The organization's board of directors reviews a compliance report
D. The organization publishes its annual report - ANSWER A. The organization acquires a new business
What is the FIRST step in delivering risk training?
A. Developing training
B. Identifying existing training
C. Identifying training needs
D. Scheduling training - ANSWER C. Identifying training needs
Risk dimension used for analyzing risks includes amongst others, impact, likelihood and
A. Change in size
B. Coefficient of reliability
The probability, consequences, other contributing factors like time, length, weakness and dependencies - ANSWER Risk is usually analysed on the basis of
Bow tie analysis - ANSWER hazard analysis technique cause and consequence
Business impact analysis - ANSWER consider business impacts at a location or from a specific process
Gap analysis - ANSWER identify steps to improve the organization's capability to move from a current state to a desired, future state. (current available factors, success factors needed to achieve future desired objectives, highlighting the gaps)
Root Cause Analysis - ANSWER several techniques intended to find the basic or initiating causes of risk sources or drivers. (Fault Tree Analysis, Event Tree Analysis, Failure Mode and Effect Analysis and Cause-and-Effect Analysis - Fishbone Diagram)
Influence analysis / diagrams - ANSWER find out the strength of influencing factors and help determine the possible weighting for consideration during the risk assessment process. Define the root causes of major risks define chain-of-events likely in a scenario, and become foundation for further modeling.
Risk Register Analysis - ANSWER compile the risks into a risk register to analyze and manage those risks in an organized way, usually by category.
Scenario analysis - ANSWER the process of analyzing possible and plausible future events, taking into consideration alternative settings, circumstances, and outcomes. Provides a basis for decision making under differing conditions.
Site analysis - ANSWER leaders at each site do an assessment by analyzing and evaluating the potential risks based on what is being produced at the site coupled with its environmental factors. This may include threat, vulnerability and criticality analyses.
SWOT analysis - ANSWER strengths and weaknesses i.e. internal and opportunities and threats i.e. external
Monte Carlo analysis - ANSWER mathematical technique that generates random variables for modelling risk or uncertainty of a certain system (simulation). The random variables or inputs are modelled on the basis of probability distributions
Stress analysis - ANSWER a form of simulation used to determine reactions to different situations. Also used to gauge how certain stressors will affect a company or industry.
Influence diagrams, scenario analysis, site analysis, SWOT - ANSWER Examples of qualitative methodology for analyzing data
Bowtie, business impact analysis, fault tree, cause/consequence analysis - ANSWER Examples of combined methodology for analyzing data
Monte Carlo, stress analysis - ANSWER Examples of quantitative methodology for analyzing data
Risk assessment - ANSWER uses which risk criteria include risk appetite, risk tolerance, outputs from risk identification and risk analysis process to determine which risks are acceptable and which require additional modification or treatment
Risk appetite - ANSWER the total exposed amount that an organization wishes to undertake on the basis of risk-return trade-offs for one or more desired and expected outcomes.
Risk tolerance - ANSWER is the degree of uncertainty an organization will accept in the aggregate, or more narrowly for a particular business unit, within a specific risk category, or regarding an initiative.
Risk interdependencies - ANSWER When one risk creates the potential to cascade and cause other risks to occur. Again, to recognize those creates an opportunity to support collaboration across many business units because several similar or connected risks
identify the greatest potential to disrupt or accelerate performance?
Risk metrics (key risk indicators) - ANSWER In monitoring risks, what should be integrated into the performance objectives of the organization?
Reviews of the risk treatment plans - ANSWER In monitoring risks, what should be scheduled as an ongoing agenda item in the responsible leader's staff agenda?
Key performance indicators (KPI) - ANSWER help a firm see how it is performing in relation to its strategic goals and objectives.
Key risk indicators (KRI) - ANSWER are leading indicators of risk to business performance, giving early warning about potential risks.
Progress reports - ANSWER What is to be monitored about significant risks and use of risk process?
Leader - ANSWER The role of the risk management professional is to drive the adoption of an enterprise-wide approach in order to enable the organization to achieve its objectives; develop awareness for broad risk management competencies; enable execution of consistent risk assessment methodologies, guiding improvement and monitoring efforts.
Catalyst - ANSWER The role of a risk management professional is to provide insight into emerging risks, provide leading practice perspectives, and share knowledge of possible exposures and the consequences to the organization.
At a risk workshop to facilitate, what is the most appropriate strategy to minimize any perception bias?
A. Engaging with managers
B. Engaging with a diverse group
C. Engaging with other risk management practitioners
D. Engaging with large groups - ANSWER B. Working with a diverse group
To gain better insights into the way uncertainty affects the objectives of the organization, the risk management professional
A. Has a strong incentive to consult and communicate organizational risks
B. Should consult with key risk stakeholders
C. Should focus on identifiable risks
D. Has a duty to inform when risks are outside of a risk tolerance - ANSWER B. Should consult with key risk stakeholders
A very good means by which a risk management professional could analyze operations of an organization is through the establishment of a
A. Risk committee
B. Captive insurance company
C. Risk management department
D. Template to gather information - ANSWER A. Risk committee
Prior to a decision being made, which of the following issues should ALWAYS be escalated to higher level risk committees, management committees, or to the Board?
A. Those that are significant, yet lack crucial information
B. Those that are too complicated and not well comprehended
C. Those that exceed the authority of the intended decision maker or decision-making body
D. Those that fall within the authority of the intended decision maker or decision-making body - ANSWER C. Those that exceed the authority of the intended decision maker or decision-making body
Risk appetite - ANSWER Risk appetite: The amount fully exposed that an organization is willing to take on a risk-return basis for one or more desired and expected outcomes.
Risk attitude - ANSWER Risk attitude: The perception of an organization or individual concerning the value that may be gained compared to the related potential loss or losses.
Risk culture - ANSWER Risk culture: The beliefs, values, norms, and traditions of behaviour of persons and groups within an organization that determine the manner in which they identify, perceive, discuss and act on the risk(s) the organization confronts and takes
Risk champion - ANSWER Risk champion: Any person in an organization who is a leader and influences peers regarding the value that risk management adds to the organization.
Risk governance - ANSWER Risk governance: Encompasses the oversight, practices and respective roles and responsibilities for risk within an organization's unique corporate governance.
Risk management - ANSWER Risk management: Coordinated activities to plan, direct, control and make decisions concerning the effects of uncertainty on objectives.
Risk owner - ANSWER Risk owner: An individual accountable for the identification, assessment, treatment, and monitoring of risks in a specific environment.
Risk portfolio - ANSWER Risk portfolio: A broad collection and range of uncertainties that can affect an organization's future.
Risk appetite - ANSWER Risk appetite: The amount of uncertainty an organization is willing to accept in total or more narrowly within a certain business unit, a particular risk category or for a specific initiative.
Root cause - ANSWER Root cause: Underlying or initiating risk source or driver that generates particular consequences or alters the consequence of an occurrence or occurrences. A term commonly used to describe that point in a sequence of events and/or circumstances where an intervention may reasonably be implemented to enhance performance or prevent an undesirable outcome.
Strategic risk management (SRM) - ANSWER Strategic risk management (SRM): The business discipline of driving deliberation and action regarding uncertainties and untapped opportunities that have a potentially significant impact on strategy and strategy execution
Root cause analysis - ANSWER Root cause analysis: Various risk assessment techniques and approaches, sometimes used in sequence, intended to uncover the root or originating risk source(s) or driver(s).
SWOT analysis - ANSWER SWOT analysis: SWOT is an acronym for Strengths, Weaknesses, Opportunities, and Threats and is an analytical approach to the environmental scanning that couples internal and external context with obstacles and accelerators to success in achieving objectives.
Value chain: A high-level model created by Michael Porter used to describe the way businesses take raw materials in, add value to the raw materials through various processes in order to create a finished product, then sell that finished product to consumers.
Value chain analysis: - ANSWER Value chain analysis: A strategy tool used to analyze activities of internal firm. Its objective is to identify which activities are the most valuable (i.e., are the source of cost or differentiation advantage) to the firm and which may be enhanced to yield competitive advantage.
Risk Management - ANSWER The process of making and implementing decisions that will minimize the adverse effects of accidental losses on an organization.
Risk Owner - ANSWER A person responsible for the identification, assessment,
immediately after obtaining internal and external information about the organization?
A. analyze the information
B. organize the information
C. prioritize the information
D. report the information - ANSWER B. organize the information
A risk management practitioner should apply which method in a brainstorming session in order to gather data from various departments regarding the identification of shared/organization-wide risks?
A. checklists
B. flowcharts
C. workshops
D. questionnaires - ANSWER C. workshops
Which of the following would be a primary activity when analyzing the value chain of an organization?
A. technological development
B. human resources management
C. infrastructure management
D. outbound logistics - ANSWER D. outbound logistics
The organization's resources and internal support are ________ the risk management strategy.
A. adjustable to match
B. inputs in the development of
C. metrics used to measure the value of
D. outcomes of the development of - ANSWER B. inputs in the development of
Identifying the success measures of the risk strategy, the risk management professional would include which of the following steps?
A. review of the risk strategy goals and objectives
B. selection of appropriate media for communicating the risk strategy
C. analysis of the organization's total cost of insurable risk
D. the development of timelines for implementing the risk strategy - ANSWER A. a review of the goals and objectives of the risk strategy
Which of the following BEST guides an organization's risk management decision-making process?
A. risk financing opportunities
B. risk retention levels
C. risk strategy approach
D. risk treatment options - ANSWER C. risk strategy approach
An effective risk communication strategy demands the selection of appropriate _______________.
A. coaches
B. data points
C. media channels
D. metrics - ANSWER C. media channels
Which of the following is a technique of risk analysis?
A. budget allocation
B. consensus building
Once risks have been analyzed, the risk management professional should compare the risks against the risk _______________.
A. appetite
B. monitoring plan
C. treatment
D. underwriting criteria - ANSWER A. appetite
Upon approval of training curricula an ERM professional
A. creates training
B. plans and schedules training
C. targets training towards audience
D. schedules and delivers training - ANSWER D. schedules and delivers training
What might an ERM practitioner suggest to management to safeguard one of an organization's critical infrastructures from a cyber attack?
A. implement password protocols
B. purchase a tower of cyber liability insurance
C. ensure employees do not post on social media
D. monitor employees' use of the internet - ANSWER A. implement password protocols
Risk tolerance is defined as the _______________.
A. amount of uncertainty that an organization is prepared to accept
B. desired level of risk that an organization believes is optimal to achieve its goals
C. amount of risk that actually can be taken by the organization
D. culture and tradition of people of an organization and the way they take up the menace - ANSWER A. degree of uncertainty the organization is willing to accept
What does risk management do to the strategic planning process?
A. challenge decisions to be made
B. give rise to risk treatment plans
C. draft out decisions to be made
D. identify threats and opportunities - ANSWER D. identify threats and opportunities
When the risk management professional is engaging in financial measurement of the organization's risk management plan, she should _______________.
A. calculate the overall cost of risk
B. not include the cost of risk financing
C. include the risk management committee
D. determine the maximum level of uncertainty the organization can tolerate - ANSWER A. calculate the overall cost of risk
How might an ERM heat map help facilitate discussion for a risk committee?
A. It provides a risk register for an organization to be able to review all risks.
B. It identifies how mitigation efforts could affect frequency and severity of a risk.
C. It provides a map for insurance companies to price an organization's premiums.
D. It can help benchmark risks for comparison with others in the industry - ANSWER B. It identifies how mitigation efforts could affect frequency and severity of a risk.
A success criterion for a risk management program includes
A. Risk accountability
B. Dependencies