RIMS - CRMP Complete Study Guide
Latest Updated
Risks - Correct Answers -The effect of uncertainty on objectives
The chance of something happening that will have an impact on objectives
Being prepared for the worst and being poised to exploit opportunities as they are
discovered
Enterprise Risk Management - Correct Answers -A strategic business discipline that
supports the achievement of an organization's objectives by addressing the full
spectrum of its risks and managing the combined impact of those risks as an
interrelated risk portfolio.
Support Function: Business continuity and crisis management - Correct Answers -Risk
identification, assessment and creation of emergency response and recovery plans
related to threats or hazards that might lead to operational disruptions
Analysis - Correct Answers -A systematic examination and evaluation of data or
information by breaking it into its component parts to uncover their relationships. An
examination of data and facts to uncover and understand cause-effect relationships,
thus providing basis for problem solving and decision making.
To embed risk management in both routine and strategic decisions, what should
managers be able to recognize? - Correct Answers -The type of decision being made;
Who should be included in the decision making process; Where in the process
decisions are being made
Risk management strategies' general focus - Correct Answers -Meeting or exceeding an
organization's objectives
Adhering to control-based objectives, rules and/or controls
Complying with regulatory requirements
How can risk management professionals gain insights into organizational performance
related to the effectiveness of the organizational risk management? - Correct Answers -
evaluating metrics and reports that result from a disciplined and informed risk
management process
How can risk management professionals gain credibility and engagement with key
stakeholders? - Correct Answers -validating insights with key stakeholders
priorities - Correct Answers -Monitoring risk process: setting _______ based on desired
performance
Support Function: Internal Audit - Correct Answers -Risk identification, assessment and
treatment through audit plans with focus on fraud, corruption, regulatory noncompliance
and/or misrepresentation related to the organization's internal control systems, financial
operations, financial statements and reporting as well as enterprise risk and the
organization's risk management framework and process.
What steps can the risk management professional take to embed risk management in
decision making? - Correct Answers -Include risk assessment in planning process;
Leverage cross-functional risk assessment team and subject matter experts to identify
enterprise risks; Consider cascading and cumulative effects
Gap Analysis - Correct Answers -Technique that can be used to determine what steps
might need to be taken to improve the organization's capacity to move from a current
state to a desired future state.
Risk appetite - Correct Answers -The total exposed amount that an organization wishes
to undertake on the basis of risk-return trade-offs for one or more desired and expected
outcomes.
Communication and Consultation - Correct Answers -Risk management professional's
role in Implementing Risk Strategies
Support Function: Legal - Correct Answers -Risk identification, assessment and
treatment of risks related to the obligation an organization undertakes and transfers
through contracting, as well as its compliance with applicable laws and regulatory
obligations.
What are the typical failures in risk management which can be avoided if it is embedded
in the decision making process? - Correct Answers -Program not integrated into
strategy or its execution; Focused on the wrong risks; Not executed in a repeatable
process; Risk management is practiced in a silo; Activity not viewed as being value
added
Strategic Plan - Correct Answers -Determines the actions the organization will take at
any stage of the planning period as circumstances change.
Risk owner - Correct Answers -The individual who is ultimately accountable for ensuring
that risk is managed appropriately, including the implementation of selected responses.
Risk Identification Process - Correct Answers -Finding, Recognizing and Recording
Risks
Support Function: Compliance - Correct Answers -Risk identification, assessment and
treatment of risk related to regulations that may affect the organization's ability to
operate in its respective jurisdictions, as well as activities that fall within its compliance
and ethics programs.
To successfully integrate risk management into decision making, risk management
professionals will rely on strategies that draw on personal and technical skills in -
Correct Answers -Building organizational awareness; Differentiating the different types
of decisions used in varying situations using elements of decision quality; Performing
various roles in taking risk into account in the decision-making process
Strategy - Correct Answers -A complete plan of action for whatever situations might
arise in achieving an organization's goals within the established time.
Risk tolerance - Correct Answers -The amount of uncertainty an organization is
prepared to accept in total or more narrowly within a certain business unit, a particular
risk category or for a specific initiative.
Strategic Risk Management - Correct Answers -A business discipline that drives
deliberation and action regarding uncertainties and untapped opportunities that affect an
organization's strategy and strategic execution.
Value Chain - Correct Answers -The series of functions, processes, materials and
activities (inputs) from concept to the eventual end user that creates and builds value at
every step in order to deliver a product or service.
To build organizational awareness, the risk management professional needs to do the
following: - Correct Answers -Be a persuasive communicator and facilitator; Have a
clear communication plan; Engage interested parties, including primary and secondary
audiences; Demonstrate that risk management creates the most value; Develop
feedback loops for continuous learning
Risk Analysis - Correct Answers -The process of characterizing and understanding the
nature of risk and of considering the level of risk in the context of the organization's
willingness to accept risk.
Support Function: Safety - Correct Answers -Risk identification, assessment and
treatment of risks focused on preserving the physical well-being of employees and third
parties.
Likelihood, Consequences, other criteria such as timing, duration, vulnerability and
interdependencies - Correct Answers -Risk is typically analyzed on the basis of
Support Function: Information Security - Correct Answers -Risk Identification,
assessment and treatment of risk arising out of or affecting information and technology
infrastructure.
To build organizational awareness, risk management creates the most value when -
Correct Answers -Risk management aligns with strategic goals; Takes corporate culture
into account; Involves key enterprise functions
Financial Statements - Correct Answers -Internal source of information that includes
financial analytics or projections
strategic planning team - Correct Answers -The risk manager should be a part of the
_______________________ to provide the structure discipline for consideration of risks
in a strategic portfolio.
Internal Audit Reports - Correct Answers -Internal source of information that focuses on
business practices important to the goals and reflection of regulatory environment of the
organization
risk management - Correct Answers -__________________ should be an agenda item
at every strategy session.
Support Function: Facilities - Correct Answers -Risk identification, assessment and
treatment of the organization's properties, equipment and physical infrastructure
systems.
Simple and frequent - Correct Answers -A type of decision that is automatic, taken in
the moment. These decisions generally rely on the knowledge and capability of the
decision maker using the back-of-the-napkin technique.
Bow tie analysis - Correct Answers -hazard analysis technique (cause and
consequence)
Business impact analysis - Correct Answers -consider business impacts at a location or
from a specific process
Support Functions: Quality - Correct Answers -Risk identification, assessment and
treatment of risks related to products and services.
Significant importance or complex - Correct Answers -A type of decision that requires
more deliberate effort. These decisions generally have some period of planning and a
longer decision timeline.
Organizational Structure - Correct Answers -Internal source of information that reports
from different departments (HR, Legal, risk, operations, HS, environment, etc.)
Review the existing strategic plan - Correct Answers -The first step for the risk manager
is to __________________________ to identify and understand the organization's
goals.