Enterprise Risk Management Exam 1 Questions and Answers 100% Solved correctly

benefits of ERM in anticipating and responding to risks - Answer-1. anticipate and recognize emerging risks 2. identify and manage cross-enterprise risks 3. minimize threats to achieving organizational goals 4. enhance risk-response decisions different impediments to successful implementation of ERM - Answer-1. technological deficiency - for ERM to succeed, people have to receive relevant information 2. the traditional organized culture with its entrenched silos - each different branch had its own function with its own management structure. in the new ERM culture, risk management is integrated throughout the organization Sarbanes-Oxley Act (SOX) - Answer--established requirements for internal risk controls and reporting that can best be met by an ERM process involving an organization's internal audit function -requires both the CFO and CEO to personally attest to their company's results in financial statements -requires corporations to review their risk profiles using an enterprise-wide approach pure risk - Answer-a chance of loss or no loss, but no chance of gain speculative risk - Answer-a chance of loss, no loss, or gain price risk - Answer-uncertainty over the size of cash flows resulting from possible changes in the cost of raw materials and other inputs (such as lumber, gas, or electricity), as well as cost-related changes in the market for completed products and other outputs credit risk - Answer-although a credit risk is particularly significant for banks and other financial institutions, it can be relevant to any organization with accounts receivable subjective risk - Answer-the perceived amount of risk based on an individual's or organization's opinionobjective risk - Answer-the measurable variation in uncertain outcomes based on facts and data diversifiable risk - Answer-a risk that affects only some individuals, businesses, or small groups nondiversifiable risk - Answer-a risk that affects a large segment of society at the same time systemic risks - Answer-generally nondiversifiable - the potential for a major disruption in the function of an entire market or financial system hazard risk - Answer-arises from property, liability, or personnel loss exposures 1. property risk 2. legal risk 3. personnel risk 4. consequential loss financial risk - Answer-arises from the effect of market forces on financial assets or liabilities 1. market risk 2. credit risk 3. price risk 4. liquidity risk operational risk - Answer-arises from people, processes, systems or controls 1. people risk 2. IT risk 3. management oversight 4. business processes strategic risk - Answer-arises from trends in the economy and society1. economic development 2. political environment 3. demographics 4. competition ERM can enhance business performance in these ways - Answer-1. improve credit rating 2. reduce earnings volatility 3. seize opportunities 4. improve business resiliency and sustainability 5. improve risk governance 6. improve capital allocation three main pillars of ERM - Answer-1. interdependency 2. correlation 3. portfolio theory interdependency - Answer-the silo type of management that is typical of traditional risk management ignores any interdependencies and assumes that a financial risk is unrelated to a hazard risk. events are statistically independent if the probability of one event occurring does not affect the probability of a second event occurring. correlation - Answer-correlation increases risk, while uncorrelated risks can reduce risk to the extent that they provide a balance or hedge portfolio theory - Answer-in an ERM context, a portfolio is a combination of risks. the portfolio theory assumes that risk includes both individual risks and their interactions. building blocks of top-down ERM - Answer-1. a process for regular discussion of organization risk at the senior management level 2. a charter at the board level for risk management oversight3. a risk management computerized dashboard showing each risk along with its likelihood, its potential effect on the organization, and the ability of the organization to respond 4. a risk appetite and strategy statement how does the internal control function in an organization assist in the application of risk management - Answer-because internal control professionals audit most of an organization's operations, they can detect indicators of potential risk before these become apparent in operation results. they can also apply the audit plan to higher-risk operations and evaluate strategic risks as they review operational processes. internal control is most effective when collaborating with the risk management function bottom-up approach - Answer-advantages: 1. global perspective on risks 2. prioritization of risk 3. critical risks identified disadvantages: 1. existing methods of identifying and reporting on risk may not identify critical emerging risks 2. the processes involved in a bottom-up approach may be perceived as bureaucratic, with no real connection to daily operations top-down approach - Answer-advantages: 1. it provides a high-level view of the entire organization and the risks that are central to meeting the organization's objectives disadvantages: 1. its dependence on reports from middle management to senior management 2. its limited view of risks that may be percolating in various areas of the organization capability maturity model - Answer-1. ad hoc - no formal risk management process and little awareness of the concept 2. initial - basic risk management processes with no attempt at enterprise-wide risk management 3. defined - formal risk management process, at least for project management 4. managed - quantitative metrics for identification, assessment, and response to risk5. optimizing - ongoing improvement to the risk management process and a robust organizational risk culture