FRM 2: Book 3 UPDATED ACTUAL Exam
Questions and CORRECT Answers
Lines of Defense to control operational risks - CORRECT ANSWER - 1) Business line
management
2) An independent operational risk management function
3) Independent reviews of operational risk and risk management
Corporate Operatinoal Risk Function (CORF) - CORRECT ANSWER - A functionally
independent group that complements the business lines' risk management operations.
Responsible for designing, implementing, and maintaining the bank's operational risk
framework.
11 Principles of Operational Risk Management - CORRECT ANSWER - Board should...
1) Lead strong risk management culture
2) Have a Risk framework
3) Review and approval of framework
4) Approve risk appetite and risk tolerance statements
5) Develop a well-defined governance structure
6) Understand the risks, and incentives related to those risks, inherent in the bank's business lines
and processes
7) Have approval process of new business lines
8) Have a process for monitoring operational risks and material exposures to losses
9) Have internal controls, risk mitigation, and risk transfer strategies
10) Business operations must be resilient
11) Have disclosures that are clear
Lead a Strong Risk Management Culture - CORRECT ANSWER - Have an ethics policy
and provide risk training
, Have a Risk Framework - CORRECT ANSWER - Thoroughly understand the nature and
complexity of the risks.
Developed and fully integrate risk framework into the overall risk management processes
Review and approval of framework - CORRECT ANSWER - Establish a culture and
process, regularly review the framework, provide management with guidance, have the
framework independently reviewed, ensure management is following best practices, and
establish clear lines of management responsibility
Approve risk appetite and risk tolerance statements - CORRECT ANSWER - Consider all
risks and periodically review risk appetites and tolerance statements
Develop a well-defined governance structure - CORRECT ANSWER - Establish systems
to report and track operational risks, provide specific policies and procedures, communicate them
clearly, ensure a sufficient stature, train staff, and ensure governance structure matches the firm's
Understand the risks, and incentives related to those risks, inherent in the bank's business lines
and processes - CORRECT ANSWER - Consider both internal and external
Have approval process of new business lines - CORRECT ANSWER - Have an approval
process for new products and processes.
Have a process for monitoring operational risks and material exposures to losses - CORRECT
ANSWER - Continuously improve reporting, ensure reports are timely and include
breaches of appetite, tolerance, thresholds and limits, details of recent operational risk events,
and external events that may impact the firm.
Business operations must be resilient - CORRECT ANSWER - Establish continuity plans
and periodically review them
Have disclosures that are clear - CORRECT ANSWER - Disclosures should be consistent
Questions and CORRECT Answers
Lines of Defense to control operational risks - CORRECT ANSWER - 1) Business line
management
2) An independent operational risk management function
3) Independent reviews of operational risk and risk management
Corporate Operatinoal Risk Function (CORF) - CORRECT ANSWER - A functionally
independent group that complements the business lines' risk management operations.
Responsible for designing, implementing, and maintaining the bank's operational risk
framework.
11 Principles of Operational Risk Management - CORRECT ANSWER - Board should...
1) Lead strong risk management culture
2) Have a Risk framework
3) Review and approval of framework
4) Approve risk appetite and risk tolerance statements
5) Develop a well-defined governance structure
6) Understand the risks, and incentives related to those risks, inherent in the bank's business lines
and processes
7) Have approval process of new business lines
8) Have a process for monitoring operational risks and material exposures to losses
9) Have internal controls, risk mitigation, and risk transfer strategies
10) Business operations must be resilient
11) Have disclosures that are clear
Lead a Strong Risk Management Culture - CORRECT ANSWER - Have an ethics policy
and provide risk training
, Have a Risk Framework - CORRECT ANSWER - Thoroughly understand the nature and
complexity of the risks.
Developed and fully integrate risk framework into the overall risk management processes
Review and approval of framework - CORRECT ANSWER - Establish a culture and
process, regularly review the framework, provide management with guidance, have the
framework independently reviewed, ensure management is following best practices, and
establish clear lines of management responsibility
Approve risk appetite and risk tolerance statements - CORRECT ANSWER - Consider all
risks and periodically review risk appetites and tolerance statements
Develop a well-defined governance structure - CORRECT ANSWER - Establish systems
to report and track operational risks, provide specific policies and procedures, communicate them
clearly, ensure a sufficient stature, train staff, and ensure governance structure matches the firm's
Understand the risks, and incentives related to those risks, inherent in the bank's business lines
and processes - CORRECT ANSWER - Consider both internal and external
Have approval process of new business lines - CORRECT ANSWER - Have an approval
process for new products and processes.
Have a process for monitoring operational risks and material exposures to losses - CORRECT
ANSWER - Continuously improve reporting, ensure reports are timely and include
breaches of appetite, tolerance, thresholds and limits, details of recent operational risk events,
and external events that may impact the firm.
Business operations must be resilient - CORRECT ANSWER - Establish continuity plans
and periodically review them
Have disclosures that are clear - CORRECT ANSWER - Disclosures should be consistent
