ARM 400 Exam Practice Questions and Answers.

ARM 400 Exam Practice Questions and Answers. A big-box store recently moved into a small town where mom and pop shops flourished for years. Knowing there could be some negative backlash from the long time loyal residents, the big-box store's executives went through the framework of managing their reputational risk to try to lessen any perceived negativity. The executives believed there are four key steps in handling reputational risk that are measuring, monitoring, managing and mitigating. Understanding that each step is critical to the overall process, The Chief Financial Officer wants to focus his attention and resources on mitigating reputational damage as he believes that is the most important step in the overall process. As such, what would be an example of mitigating reputational damage? A. Screen opinions of employees, customers, vendors, shareholders, analysts and activists. B. Publish a list of reputation drivers such as quality, leadership and workpla - C A business impact analysis (BIA) should identify the points in time when the interruption would have the greatest impact, what the operational impact would be, and A. Who should be on the recovery team. B. Whether the exposures are external, internal, or project. C. What continuity strategy to use. D. What the financial impact would be. - D A corporate board of director's chair person is elected by A. The board of directors. B. The shareholders. C. Executive management. D. Proxies. - A A data governance committee (DGC) A. Is cross-functional. B. Cleanses big data. C. Reports to risk management. D. Is comprised of IT architects. - A A holistic approach that allows companies to better withstand short-term shocks and help ensure long-term business viability is known as A. Organizational resiliency. B. Business process management. C. Strategic redeployment plan. D. Preparedness planning - A A municipal water plant installed water flow sensors and water pressure sensors on the water pipes leaving the plant. The sensors make sure water is flowing properly and that there are no leaks or clogs which could produce a loss. These types of sensors are A. Thermal sensors. B. Mechanical sensors. C. Biochemical sensors. D. Radiant sensors. - B A privacy impact assessment (PIA) is A. A tool used to identify and assess privacy risks. B. An example of metadata that defines key data attributes. C. A collaborative tool that facilitates workflows. D. Proprietary software used to detect malware. - A A risk management professional is identifying the organization's key stakeholders as part of the enterprise risk management program. Which one of the following would be considered an internal stakeholder? A. Unions B. Suppliers C. General public D. Stockholders - D A risk-based auditing approach is deemed to be a top-down approach because A. It involves an external review of known potential threats to the organization and then developing an organizational response to those threats. B. It involves review of each department's dependence on financial controls, compliance with federal statutes and audit history. C. It involves review of the current financial controls and compliance to regulations as determined by external auditors. D. It involves identifying and analyzing material risks to the achievement of the organization's objectives and then determining how the risks should be managed. - D A speaker imparts information in verbal communications by A. Using appropriate facial expressions and gestures while other parties express their opinions and concerns. B. Expressing facts and emotions quickly, inviting written questions for discussion at a future session. C. Having good listening skills and expressing facts and emotions through words and sometimes visual displays. D. Listening and verbally responding with anecdotes of prior meetings, leveraging humor as opposed to facts for discussion. - C A vehicle manufacturer found that the exhaust system in certain models was not working properly. Some exhaust gases were releasing into the vehicle body. Rather than recalling the vehicles, they were shipped to South American markets. The manufacturer A. Is socially responsible because it shipped the vehicles out of the country thereby avoiding any US casualties. B. Is socially responsible because it does not force any individual to buy the vehicle. C. Has ignored its social responsibility as well as the risks involved with these actions. D. Has decided to transfer the risk to South American markets avoiding financial penalties. - C According to the law of large numbers, as the number of exposure units insured increases, A. Fewer losses are expected to occur. B. The size of the average loss declines. C. The relative accuracy of predictions about future losses increases. D. The probability of an underwriting loss increases. - C After opening its third store, Shoehorn Shoes decided to purchase new inventory tracking software for all of its stores. Which one of the following external or internal environments does this decision relate to? A. Economic environment B. Physical environment C. Product environment D. Operations environment - D After opening its third store, Shoehorn Shoes decided to purchase new inventory tracking software for all of its stores. Which one of the following external or internal environments does this decision relate to? A. Operations environment B. Physical environment C. Economic environment D. Product environment - A Aligning risks with the organization's risk appetite defines A. Social responsibility. B. Tolerable uncertainty. C. Compliance. D. Value at risk. - B All of the following are true regarding the composition of boards of directors, EXCEPT: A. Corporate boards are uniform in size with 13 directors. B. Boards include both inside directors and outside directors. C. Directors elect the chairman of the board. D. Outside directors serve on the compensation committee. - A All of the following are true regarding the Federal Sentencing Guidelines, EXCEPT: A. They can be used by federal courts. B. They are mandatory. C. They require an organization to have written standards and procedures. D. They establish minimum components for an effective compliance program. - B AMRM Insurance Company sells insurance in Virginia, North Carolina, South Carolina, and Georgia. The company has compiled a policyowner data base that can be used to send text messages when hurricanes approach. The company provides early warnings, storm updates from the National Weather Service, and hurricane safety measures. The company credits the system with reduced hurricane claims. The use of the texting system is an example of A. Preventive analytics. B. Artificial intelligence. C. Sensor networks. D. Experience rating. - A An analysis of an organization's external environments will help identify its A. Opportunities and threats. B. Culture and values. C. Strengths and weaknesses. D. Products and services. - A An auditor identifies risks under the risk-based approach by A. Reviewing the organization, department by department to determine if the controls overlap asking, "Is the redundancy needed?" B. Reviewing prior audits, comparing results and asking, and "Has the control environment changed?" C. Looking at each objective, testing each control by asking, "Does this seem appropriate?" D. Looking at each objective and its controls identifying risks by asking, "What might go wrong?" - D An independent auditor has been given the task of evaluating internal controls at Westside Company (Westside). The auditor has determined that Westside's board of directors has endorsed a framework requiring management to have documented internal reporting controls to ensure efficient operations, accuracy of financial statements, and compliance with regulations. The framework is applied at the entity and divisional levels, but not the operating unit or functional levels. The program is new so it has not yet been monitored. The auditor is likely to report that A. The selected method does not align with the Committee of Sponsoring Organizations of the Treadway Commission's (COSO) Internal Control—Integrated Framework. It must also be applied at the operating unit level, but not the functional level. Regular monitoring must be implemented. B. The selected method aligns with the Committee of Sponsoring Organizations of - C An organization evaluates key stakeholders' attitude toward risk in order to A. Understand what risks are acceptable and to develop an effective enterprise-wide risk management program. B. Understand acceptable risks and gauge its ability to attract new shareholders. C. Understand acceptable risks and gauge its ability to raise capital. D. Understand the risk appetite in order to determine what information is disseminated. - A An organization evaluates the social environment as part of its enterprise risk management (ERM) because A. Society is in a constant state of change. B. New sales or production methodology can affect consumers. C. Society norms and values influence how an organization manages its risks. - C An organization has established a key performance indicator to "reduce employee injuries by 6%." Which one of the following would indicate a low risk tolerance for this KPI? A. Reduce employee injuries by 2% B. Reduce employee injuries by 4% C. Reduce employee injuries by 5 to 6% D. Employee injury rate remains unchanged - C An organization must meet the standard of care that it owes to others in order to ensure that A. Legal obligations are satisfied. B. Post-loss goals are in place. C. Operations are efficient. D. Contracts are not breached. - A An organization's goals and objectives are met by establishing and attaining measurable standards for the many activities it pursues. Which one of the following statements is correct with respect to those standards? A. A key performance indicator (KPI) answers the question, "What will make our organization a success?" B. Generally, an organization's risk tolerance has little impact on its critical success factors (CSFs) and key performance indicators (KPIs). C. Organizations with key performance indicators (KPIs) established for critical success factors (CSFs) will typically achieve organizational goals. D. For each key performance indicator (KPI), there is a tolerance level for how much deviation from the standard established in the KPI will be acceptable. - D As a market force to help align manager and shareholder interests, takeover threats are A. Only effective for directors and officers and have no effect on managers. B. Less likely now than in the past because of statutory changes. C. Only effective when the employment market for managers is increasing. D. Easily and quickly implemented and are highly effective. - B As a result of a risk assessment, Medford Factory identified several exposures that could interrupt its operations. Which one of the following would be categorized as an external exposure? A. A widespread power outage B. A fire breaking out in the warehouse C. A poorly designed product that needs to be recalled D. An IT server failure - A Asking a question such as "How do you think this will work out?" can help a speaker do which one of the following? A. Request feedback and determine if the message has been understood B. Gain the support of executives and decision makers C. Build trust among a diverse group of individuals D. Deliver a message that recipients don't want to hear - A Autonomous Vehicle Applications (AVA) is a start-up company that develops safety technologies that can be sold to companies that are producing autonomous vehicles. One technology AVA is developing allows an autonomous vehicle to detect, extract, and analyze images; and then to respond to the images. For example, the technology would detect a presence in a crosswalk, extract the image, and a computer would analyze the image. When the image was determined to be a human being, the vehicle would slow down or stop until the crosswalk was clear. This technology, which is designed to capture and analyze images, and to act on the recognition of the image; is called A. Visual acuity. B. Computer vision. C. Accelerometer technology. D. Transducer technology. - B Based on Basel III principles, which one of the following groups should take the lead in establishing a strong risk management culture? A. Employees B. Board of directors C. Senior management D. Risk managers - B BD Company has made widgets for over 79 years using the same production techniques for fear of the huge costs from potential consumer lawsuits if production is changed and product quality suffers. With respect to its risk attitude, this organization would be classified as A. Risk seeking. B. Risk naïve. C. Risk avoiding. D. Risk optimizing. - C Be-Ne-Lux Insurance is an insurer operating in Belgium, the Netherlands, and Luxembourg. Be-Ne-Lux is subject to the Solvency II standards. Company managers believed the company was adequately financed, however it was determined that the company did not have adequate assets based on the uncertainty of its operating performance. The standard that Be-Ne-Lux failed to meet is A. Risk-based capital. B. Basel II. C. Own risk and solvency assessment. D. Underwriting leverage. - A Before speaking with a group or individual, the speaker should think about what he or she wants the other person(s) to do as a result of the conversation. Which one of the following steps in the communication process does the speaker complete by doing this? A. Deliver a message the recipient(s) want to hear B. Set aside judgement C. Set a clear communication objective D. Analyze your audience - C