APRP QUESTIONS AND ANSWERS | 2026
UPDATE | WITH COMPLETE SOLUTION.
Preventive Control - ANSWERS-A mitigating technique designated to prevent
an event from occurring.
Incident Response Plan - ANSWERS-A plan that defines the action steps,
involved resources and communication strategy upon identification of a
threat or potential threat event, such as a breach in security protocol, power
or telecomunnications outage, severe weather or workplace violence.
Control Self-Assessment - ANSWERS-A technique used to internally assess
the effectiveness of risk management and control processes.
Business Continuity Strategy - ANSWERS-Comprehensive strategies to
recover, resume and maintain all critical business functions.
Technical Controls - ANSWERS-Controls to prevent and detect unauthorized
activity.
Procedures - ANSWERS-Defines the manner in which an organization will
proceed, perform or affect something to accomplish the objectives of a
policy.
Title 31 of the Code of Federal Regulation (CFR) Part 370 - ANSWERS-
Governs the handling of payments for the Bureau of Public Debt made
through the ACH Network.
Unfair, Deceptive or Abusive Acts or Practices (UDAAP) - ANSWERS-Law to
protect consumers purchasing financial products and services requiring that
,consumers have access to information that lets them choose the option they
believe is best for their situation.
Risk Evaluation - ANSWERS-Process of comparing risk analysis results to
determine if risk is at an acceptable level.
Business Impact Analysis (BIA) - ANSWERS-Process of identifying the
potential impact of uncontrolled, non-specific events on an institution's
business processes.
Enterprise Risk Management - ANSWERS-Process of planning, organizing,
leading and controlling the activities of an organization to minimize the
effects of risk on that organization.
Risk Measurement - ANSWERS-Process to determine the likelihood of an
adverse event or threat occurring and the potential impact of such an event
on the institution.
User Access Controls - ANSWERS-Security technique used to regulate who or
what can view or use resources in a computing environment.
Vulnerability Assessment - ANSWERS-Systematic examination of systems to
identify, quantify and prioritize the security deficiencies of the systems.
Function Drill/Parallel Test - ANSWERS-Testing method involves actual
mobilization of personnel to other sites attempting to establish
communications and perform actual recovery processing as outlined in the
business continuity plan (BCP).
Risk Management - ANSWERS-Total process required to identify, control and
minimize the impact of uncertain events.
, Layered Security - ANSWERS-Use of different controls at different points in a
transaction process.
Tabletop Exercise/Structured Walk-Through Test - ANSWERS-Testing method
ensures critical personnel from all areas are familiar with the business
continuity plan (BCP) and may be used as an effective training tool.
Walk-Through Drill/Simulation Test - ANSWERS-Testing method used to apply
a specific event scenario to the business continuity plan (BCP).
Payroll Card Account - ANSWERS-A bank account established directly or
indirectly by an employer on behalf of an employee to which an employee's
wages are electronically transferred to.
Credit Card - ANSWERS-A card indicating the holder has been granted a line
of credit to make purchases or withdraw cash up to a prearranged ceiling.
Prepaid/Stored Value Card - ANSWERS-A card-based payment system that
assigns a value to the card; some cards can be "reloaded" through various
methods and others are designed to be discarded.
ECI - Electronically Created Item - ANSWERS-A check that never appears in
paper form.
Originator - ANSWERS-A company or individual that has been authorized by
the Receiver to initiate either a credit or debit ACH entry to their account.
Business Continuity Plan (BCP) - ANSWERS-A comprehensive written plan to
maintain or resume business in the event of a disruption.
UPDATE | WITH COMPLETE SOLUTION.
Preventive Control - ANSWERS-A mitigating technique designated to prevent
an event from occurring.
Incident Response Plan - ANSWERS-A plan that defines the action steps,
involved resources and communication strategy upon identification of a
threat or potential threat event, such as a breach in security protocol, power
or telecomunnications outage, severe weather or workplace violence.
Control Self-Assessment - ANSWERS-A technique used to internally assess
the effectiveness of risk management and control processes.
Business Continuity Strategy - ANSWERS-Comprehensive strategies to
recover, resume and maintain all critical business functions.
Technical Controls - ANSWERS-Controls to prevent and detect unauthorized
activity.
Procedures - ANSWERS-Defines the manner in which an organization will
proceed, perform or affect something to accomplish the objectives of a
policy.
Title 31 of the Code of Federal Regulation (CFR) Part 370 - ANSWERS-
Governs the handling of payments for the Bureau of Public Debt made
through the ACH Network.
Unfair, Deceptive or Abusive Acts or Practices (UDAAP) - ANSWERS-Law to
protect consumers purchasing financial products and services requiring that
,consumers have access to information that lets them choose the option they
believe is best for their situation.
Risk Evaluation - ANSWERS-Process of comparing risk analysis results to
determine if risk is at an acceptable level.
Business Impact Analysis (BIA) - ANSWERS-Process of identifying the
potential impact of uncontrolled, non-specific events on an institution's
business processes.
Enterprise Risk Management - ANSWERS-Process of planning, organizing,
leading and controlling the activities of an organization to minimize the
effects of risk on that organization.
Risk Measurement - ANSWERS-Process to determine the likelihood of an
adverse event or threat occurring and the potential impact of such an event
on the institution.
User Access Controls - ANSWERS-Security technique used to regulate who or
what can view or use resources in a computing environment.
Vulnerability Assessment - ANSWERS-Systematic examination of systems to
identify, quantify and prioritize the security deficiencies of the systems.
Function Drill/Parallel Test - ANSWERS-Testing method involves actual
mobilization of personnel to other sites attempting to establish
communications and perform actual recovery processing as outlined in the
business continuity plan (BCP).
Risk Management - ANSWERS-Total process required to identify, control and
minimize the impact of uncertain events.
, Layered Security - ANSWERS-Use of different controls at different points in a
transaction process.
Tabletop Exercise/Structured Walk-Through Test - ANSWERS-Testing method
ensures critical personnel from all areas are familiar with the business
continuity plan (BCP) and may be used as an effective training tool.
Walk-Through Drill/Simulation Test - ANSWERS-Testing method used to apply
a specific event scenario to the business continuity plan (BCP).
Payroll Card Account - ANSWERS-A bank account established directly or
indirectly by an employer on behalf of an employee to which an employee's
wages are electronically transferred to.
Credit Card - ANSWERS-A card indicating the holder has been granted a line
of credit to make purchases or withdraw cash up to a prearranged ceiling.
Prepaid/Stored Value Card - ANSWERS-A card-based payment system that
assigns a value to the card; some cards can be "reloaded" through various
methods and others are designed to be discarded.
ECI - Electronically Created Item - ANSWERS-A check that never appears in
paper form.
Originator - ANSWERS-A company or individual that has been authorized by
the Receiver to initiate either a credit or debit ACH entry to their account.
Business Continuity Plan (BCP) - ANSWERS-A comprehensive written plan to
maintain or resume business in the event of a disruption.
