RIMS CRMP Exam Study Guide Common
Terms Exam Questions and Answers
Benchmarking - Correct Answers -The process of measuring the performance of an
organization against external standards of reference that frequently come from similar
organizations doing similar things.
Corporate governance - Correct Answers -The system of rules, practices and processes
by which a company is directed and controlled
Enterprise risk management - Correct Answers -A strategic discipline that supports the
achievement of an organization's objectives by addressing the full spectrum of its risk
and managing the combined impact of those risks as an interrelated risk portfolio.
Strategy: Consider all risks and exploit risks as part of strategy
Measurement: Include Upside of Risk (Bugalla and Kugler)
Look at building, expanding, exploiting to add value
Push and Pull risk performance data
This approach is Coordinated & Strategic
Gap analysis - Correct Answers -Comparison of an existing process or procedure to
recognized standards in order to identify deficiencies or excesses in the existing
process.
Technique that can be used to determine what steps might need to be taken to improve
the organization's capacity to move from a current state to a desired future state.
Key performance indicator (KPI) - Correct Answers -An activity that signals the
achievement of organizational objectives
Key risk indicator (KRI) - Correct Answers -A measurement of how risk and volatility
relate to achieving organizational objectives
Designed to manage the downside of risk
Leading indicators of risk to business performance; giving early warning of potential risk,
early signal of changes in risk exposures in various areas of the enterprise
Risk Metrics - Correct Answers -Integrated into the performance objectives of the
organization for monitoring risks
Examples: KPIs and KRIs
Indemnification - Correct Answers -Contractual obligation placed on the indemnifier to
return the indemnified to essentially the same financial condition that existed prior to the
loss or claim, to stand in as the source for financing the legal liability
Contractual Risk Transfer - Correct Answers -A legally binding agreement between two
parties whereby one agrees to indemnify and hold another party harmless for specified
actions, inactions, injuries or damages
Risk Attitudes - Correct Answers -Risk Seeker - wants org to take on risk to maximize
gain expected from the decision (example: institutional investors)
Risk Neutral - indifferent as to risk taking in relation to decision (example: customers,
rating agencies)
Risk Avoider -- tends to consider 'what can go wrong' rather than 'what needs to go
right' (example: suppliers, employees)
Continuous Learning - Correct Answers -Design of Org Strategies
Integration of Risk Management Process
Development of Org RM Competencies
Coaching the Org
Core Competencies - Correct Answers -Business Insight
Integrity/Ethics
Communication
Collaboration
Consultation
Hold Harmless - Correct Answers -wording that requires one party to shield the other
party from the effects of the legal liability assignable to transfer or obligor
Risk Transfer/Sharing - Correct Answers -Action taken when 1) costs of retaining risks
exceed the organization's risk tolerance; 2) risks (or some portion) can be transferred
at a lower cost; 3) risks should be apportioned based on an agreement, and 4) it is
required by regulation
Insurance - Correct Answers -Risk-transfer mechanism that ensures full or partial
financial compensation for the loss, damage and legal obligations of a policyholder or
beneficiary