PROCESS CERTIFICATION EXAM SCRIPT 2026
QUESTIONS AND ANSWERS 100% CORRECT
◉ List the ERM broad categories of risk and give examples of each
(4). Answer: 1) Operational Risk: related to management activities
(speculative)
2) Financial Risk: related to financial activities (speculative)
3) Hazard Risk: covered by insurance (pure)
4) Strategic Risk: related to an organization's strategic plan
(speculative)
◉ Define Organizational Risk Culture (ORC). Answer: a set of
understandings, knowledge, beliefs, values and habits toward risk,
that characterize a human group (organization) in search of a
common purpose
◉ Explain the four characteristics of an effective ORC (4). Answer: 1.
Tone at the top - leadership clarity of direction and a positive
corporate attitude toward risk
2. Corporate Governance - clear responsibility for risk management;
transparency and timeliness of risk information
3. Decision Making - well informed decisions regarding risk;
performance evaluations encourage good risk management
decisions
4. Authority and Accountability - embedding risk management
abilities and responsibilities within the organization.
◉ List the benefits of implementing an ERM program (7). Answer: 1.
Identifies threats and opportunities related to an organization's
strategic plan, objectives and total cost of risk
2. Closely links an organization's business, operational, and strategic
objectives to the practice of managing risk
3. Uses performance metrics to drive improvement in decision
making
4. Provides a common language for communication about risks and
opportunities
5. Enhances management of activities and their associated risks
6. Safeguards the organization's branding and reputation
7. Allows organizations to capitalize on opportunities to increase
shareholder/stakeholder value
◉ Identify the requirements of ERM implementation (5). Answer: 1.
Support Of The Senior Management Team
2. An Implementation Leader And Dedicated Cross-Functional
Committees
3. An ERM Risk Assessment
4. A Common Language Regarding Risk
5. An Established Framework
◉ Explain the purpose of ISO 31000 and identify its components.
Answer: to provide an internationally recognized standard to manage
risk in a detailed, systematic way.
◉ Identify the five interrelated components of COSO. Answer: 1)
Governance and Culture
2) Strategy and Objective Setting
3) Performance
4) Review and Revision
5) Information Communication and Reporting
◉ Identify the obstacles to ERM implementation (6). Answer: 1)
Lack of support from Senior Management
2) Difficult to invest capital in the Risk Management Process
3) Showing return on investment (value)
4) Different skills are required to successfully implement ERM vs.
TRM
5) Risk is viewed negatively in many organizations, so expanding to
include upside risks may be difficult
6) Perception of Risk vs. Reality. Taking risk is often seen as a matter
of courage rather than a reasoned, quality decision.