RIMS - CRMP Complete Study Guide;
Risks - correct answer The effect of uncertainty on objectives
The chance of something happening that will have an impact on objectives
Being prepared for the worst and being poised to exploit opportunities as they are discovered
Enterprise Risk Management - correct answer A strategic business discipline that supports the
achievement of an organization's objectives by addressing the full spectrum of its risks and managing the
combined impact of those risks as an interrelated risk portfolio.
Support Function: Business continuity and crisis management - correct answer Risk identification,
assessment and creation of emergency response and recovery plans related to threats or hazards that
might lead to operational disruptions
Analysis - correct answer A systematic examination and evaluation of data or information by breaking it
into its component parts to uncover their relationships. An examination of data and facts to uncover and
understand cause-effect relationships, thus providing basis for problem solving and decision making.
To embed risk management in both routine and strategic decision, what should managers be able to
recognize? - correct answer The type of decision being made; Who should be included in the decision
making process; Where in the process decisions are being made
Risk management strategies' general focus - correct answer Meeting or exceeding an organization's
objectives
Adhering to control-based objectives, rules and/or controls
Complying with regulatory requirements
Support Function: Internal Audit - correct answer Risk identification, assessment and treatment through
audit plans with focus on fraud, corruption, regulatory noncompliance and/or misrepresentation related
to the organization's internal control systems, financial operations, financial statements and reporting as
well as enterprise risk and the organization's risk management framework and process.
What steps can the risk management professional take to embed risk management in decision making? -
correct answer Include risk assessment in planning process; Leverage cross-functional risk assessment
team and subject matter experts to identify enterprise risks; Consider cascading and cumulative effects
,RIMS - CRMP Complete Study Guide;
Gap Analysis - correct answer Technique that can be used to determine what steps might need to be
taken to improve the organization's capacity to move from a current state to a desired future state.
Risk appetite - correct answer The total exposed amount that an organization wishes to undertake on
the basis of risk-return trade-offs for one or more desire and expected outcomes.
Communication and Consultation - correct answer Risk management professional's role in Implementing
Risk Strategies
Support Function: Legal - correct answer Risk identification, assessment and treatment of risks related to
the obligation an organization undertakes and transfers through contracting, as well as its compliance
with applicable laws and regulatory obligations.
What are the typical failures in risk management which can be avoided if it is embedded in the decision
making process? - correct answer Program not integrated into strategy or its execution; Focused on the
wrong risks; Not executed in a repeatable process; Risk management is practiced in a silo; Activity not
viewed as being value added
Strategic Plan - correct answer Determines that actions the organization will take at any stage of the
planning period as circumstances change.
Risk owner - correct answer The individual who is ultimately accountable for ensuring that risk is
managed appropriately, including the implementation of selected responses.
Risk Identification Process - correct answer Finding, Recognizing and Recording Risks
Support Function: Compliance - correct answer Risk identification, assessment and treatment of risk
related to regulations that may affect the organization's ability to operate in its respective jurisdictions,
as well as activities that fall within its compliance and ethics programs.
To successfully integrate risk management into decision making, risk management professionals will rely
on strategies that draw on personal and technical skills in - correct answer Building organizational
awareness; . Differentiating the different types of decisions used in varying situations using elements of
decision quality; Performing various roles in the taking risk into account in decision-making process
,RIMS - CRMP Complete Study Guide;
Strategy - correct answer A complete plan of action for whatever situations might arise in achieving an
organization's goals within the established time.
Risk tolerance - correct answer The amount of uncertainty an organization is prepared to accept in total
or more narrowly within a certain business unit, a particular risk category or for a specific initiative.
Strategic Risk Management - correct answer A business discipline that drives deliberation and action
regarding uncertainties and untapped opportunities that affect an organization's strategy and strategic
execution.
Value Chain - correct answer The series of functions, processes, materials and activities (inputs) from
concept to the eventual end user that creates and builds value at every step in order to deliver a product
or service.
To build organizational awareness, the risk management professional needs to do the following: - correct
answer Be a persuasive communicator and facilitator; Have a clear communication plan; Engage
interested parties, including primary and secondary audiences; Demonstrate that risk management
creates the most value ; Develop feedback loops for continuous learning
Risk Analysis - correct answer The process of characterizing and understanding the nature of risk and of
considering the level of risk in the context of the organization's willingness to accept risk.
Support Function: Safety - correct answer Risk identification, assessment and treatment of risks focused
on preserving the physical well-being of employees and third parties.
Likelihood, Consequences, other criteria such as timing, duration, vulnerability and interdependencies -
correct answer Risk is typically analyzed on the basis of
Support Function: Information Security - correct answer Risk Identification, assessment and treatment of
risk arising our of or affecting information and technology infrastructure.
, RIMS - CRMP Complete Study Guide;
To build organizational awareness, risk management creates the most value when - correct answer Risk
management Aligns with strategic goals; Takes corporate culture into account; Involves key enterprise
functions
Financial Statements - correct answer Internal source of information that includes financial analytics or
projections
strategic planning team - correct answer The risk manager should be a part of the
_______________________ to provide the structure discipline for consideration of risks in a strategic
portfolio.
Internal Audit Reports - correct answer Internal source of information that focuses on business practices
important to the goals and reflection of regulatory environment of the organization
risk management - correct answer __________________ should be an agenda item at every strategy
session.
Support Function: Facilities - correct answer Risk identification, assessment and treatment of the
organization's properties, equipment and physical infrastructure systems.
Simple and frequent - correct answer A type of decision that are automatic, taken in the moment. These
decisions generally rely on the knowledge and capability of the decision maker using the back-of-the-
napkin technique.
Bow tie analysis - correct answer hazard analysis technique (cause and consequence)
Business impact analysis - correct answer consider business impacts at a location or from a specific
process
Support Functions: Quality - correct answer Risk identification, assessment and treatment of risks related
to products and services.
Risks - correct answer The effect of uncertainty on objectives
The chance of something happening that will have an impact on objectives
Being prepared for the worst and being poised to exploit opportunities as they are discovered
Enterprise Risk Management - correct answer A strategic business discipline that supports the
achievement of an organization's objectives by addressing the full spectrum of its risks and managing the
combined impact of those risks as an interrelated risk portfolio.
Support Function: Business continuity and crisis management - correct answer Risk identification,
assessment and creation of emergency response and recovery plans related to threats or hazards that
might lead to operational disruptions
Analysis - correct answer A systematic examination and evaluation of data or information by breaking it
into its component parts to uncover their relationships. An examination of data and facts to uncover and
understand cause-effect relationships, thus providing basis for problem solving and decision making.
To embed risk management in both routine and strategic decision, what should managers be able to
recognize? - correct answer The type of decision being made; Who should be included in the decision
making process; Where in the process decisions are being made
Risk management strategies' general focus - correct answer Meeting or exceeding an organization's
objectives
Adhering to control-based objectives, rules and/or controls
Complying with regulatory requirements
Support Function: Internal Audit - correct answer Risk identification, assessment and treatment through
audit plans with focus on fraud, corruption, regulatory noncompliance and/or misrepresentation related
to the organization's internal control systems, financial operations, financial statements and reporting as
well as enterprise risk and the organization's risk management framework and process.
What steps can the risk management professional take to embed risk management in decision making? -
correct answer Include risk assessment in planning process; Leverage cross-functional risk assessment
team and subject matter experts to identify enterprise risks; Consider cascading and cumulative effects
,RIMS - CRMP Complete Study Guide;
Gap Analysis - correct answer Technique that can be used to determine what steps might need to be
taken to improve the organization's capacity to move from a current state to a desired future state.
Risk appetite - correct answer The total exposed amount that an organization wishes to undertake on
the basis of risk-return trade-offs for one or more desire and expected outcomes.
Communication and Consultation - correct answer Risk management professional's role in Implementing
Risk Strategies
Support Function: Legal - correct answer Risk identification, assessment and treatment of risks related to
the obligation an organization undertakes and transfers through contracting, as well as its compliance
with applicable laws and regulatory obligations.
What are the typical failures in risk management which can be avoided if it is embedded in the decision
making process? - correct answer Program not integrated into strategy or its execution; Focused on the
wrong risks; Not executed in a repeatable process; Risk management is practiced in a silo; Activity not
viewed as being value added
Strategic Plan - correct answer Determines that actions the organization will take at any stage of the
planning period as circumstances change.
Risk owner - correct answer The individual who is ultimately accountable for ensuring that risk is
managed appropriately, including the implementation of selected responses.
Risk Identification Process - correct answer Finding, Recognizing and Recording Risks
Support Function: Compliance - correct answer Risk identification, assessment and treatment of risk
related to regulations that may affect the organization's ability to operate in its respective jurisdictions,
as well as activities that fall within its compliance and ethics programs.
To successfully integrate risk management into decision making, risk management professionals will rely
on strategies that draw on personal and technical skills in - correct answer Building organizational
awareness; . Differentiating the different types of decisions used in varying situations using elements of
decision quality; Performing various roles in the taking risk into account in decision-making process
,RIMS - CRMP Complete Study Guide;
Strategy - correct answer A complete plan of action for whatever situations might arise in achieving an
organization's goals within the established time.
Risk tolerance - correct answer The amount of uncertainty an organization is prepared to accept in total
or more narrowly within a certain business unit, a particular risk category or for a specific initiative.
Strategic Risk Management - correct answer A business discipline that drives deliberation and action
regarding uncertainties and untapped opportunities that affect an organization's strategy and strategic
execution.
Value Chain - correct answer The series of functions, processes, materials and activities (inputs) from
concept to the eventual end user that creates and builds value at every step in order to deliver a product
or service.
To build organizational awareness, the risk management professional needs to do the following: - correct
answer Be a persuasive communicator and facilitator; Have a clear communication plan; Engage
interested parties, including primary and secondary audiences; Demonstrate that risk management
creates the most value ; Develop feedback loops for continuous learning
Risk Analysis - correct answer The process of characterizing and understanding the nature of risk and of
considering the level of risk in the context of the organization's willingness to accept risk.
Support Function: Safety - correct answer Risk identification, assessment and treatment of risks focused
on preserving the physical well-being of employees and third parties.
Likelihood, Consequences, other criteria such as timing, duration, vulnerability and interdependencies -
correct answer Risk is typically analyzed on the basis of
Support Function: Information Security - correct answer Risk Identification, assessment and treatment of
risk arising our of or affecting information and technology infrastructure.
, RIMS - CRMP Complete Study Guide;
To build organizational awareness, risk management creates the most value when - correct answer Risk
management Aligns with strategic goals; Takes corporate culture into account; Involves key enterprise
functions
Financial Statements - correct answer Internal source of information that includes financial analytics or
projections
strategic planning team - correct answer The risk manager should be a part of the
_______________________ to provide the structure discipline for consideration of risks in a strategic
portfolio.
Internal Audit Reports - correct answer Internal source of information that focuses on business practices
important to the goals and reflection of regulatory environment of the organization
risk management - correct answer __________________ should be an agenda item at every strategy
session.
Support Function: Facilities - correct answer Risk identification, assessment and treatment of the
organization's properties, equipment and physical infrastructure systems.
Simple and frequent - correct answer A type of decision that are automatic, taken in the moment. These
decisions generally rely on the knowledge and capability of the decision maker using the back-of-the-
napkin technique.
Bow tie analysis - correct answer hazard analysis technique (cause and consequence)
Business impact analysis - correct answer consider business impacts at a location or from a specific
process
Support Functions: Quality - correct answer Risk identification, assessment and treatment of risks related
to products and services.
