CIA Part 1 Unit 4: Risk Management
Questions and Answers 100% Correct
Inherent Risk Correct Answ_Risk in the absence of management actions to alter its severity
Actual residual risk Correct Answ_amount of risk remaining after management actions to
alter its severity
Target residual risk Correct Answ_the risk the entity prefers to assume knowing that
management has acted or will act to alter its severity.
Who provides risk oversight of ERM culture, capabilities and practices? Correct Answ_The
board
Who has overall responsibility for ERM? Correct Answ_Management (CEO)
Who is responsible for the implementation and development of the COSO ERM framework?
Correct Answ_Management
, First line of management accountability for ERM Correct Answ_consists of principal owners
of risk. Manage performance and risks taken to achieve strategy and objectives
Second line of management accountability for ERM Correct Answ_consists of supporting
functions. Provides guidance on performance and ERM requirements. Evaluates adherence to
standards. Challenges first line to take prudent risks.
Third line of management accountability for ERM Correct Answ_the assurance function -
IA. Reviews ERM, identifies issues and improvements, and informs the board and executives.
COCO ERM Supporting Aspect Components (2) Correct Answ_(1) Governance and culture
(2) Information, communication, and reporting
COSO ERM Common Process Components (3) Correct Answ_(1) Strategy and objective
setting
(2) Performance
(3) Review and revision
Questions and Answers 100% Correct
Inherent Risk Correct Answ_Risk in the absence of management actions to alter its severity
Actual residual risk Correct Answ_amount of risk remaining after management actions to
alter its severity
Target residual risk Correct Answ_the risk the entity prefers to assume knowing that
management has acted or will act to alter its severity.
Who provides risk oversight of ERM culture, capabilities and practices? Correct Answ_The
board
Who has overall responsibility for ERM? Correct Answ_Management (CEO)
Who is responsible for the implementation and development of the COSO ERM framework?
Correct Answ_Management
, First line of management accountability for ERM Correct Answ_consists of principal owners
of risk. Manage performance and risks taken to achieve strategy and objectives
Second line of management accountability for ERM Correct Answ_consists of supporting
functions. Provides guidance on performance and ERM requirements. Evaluates adherence to
standards. Challenges first line to take prudent risks.
Third line of management accountability for ERM Correct Answ_the assurance function -
IA. Reviews ERM, identifies issues and improvements, and informs the board and executives.
COCO ERM Supporting Aspect Components (2) Correct Answ_(1) Governance and culture
(2) Information, communication, and reporting
COSO ERM Common Process Components (3) Correct Answ_(1) Strategy and objective
setting
(2) Performance
(3) Review and revision
