Which of the following should be the PRIMARY objective of promoting a risk-aware culture within an organization?

• A.Enabling risk-based decision making
• B.Increasing process control efficiencies
• C.Better understanding of the risk appetite
• D.Improving audit results

Comment: *

Name: *

Email: *

Verification: *

Which of the following processes is described in the statement below?
"It is the process of exchanging information and views about risks among stakeholders, such as groups, individuals, and institutions."

• A.Risk governance
• B.Risk identification
• C.Risk response planning
• D.Risk communication
• E.Explanation:
  Risk communication is the process of exchanging information and views about risks among stakeholders, such as groups, individuals, and institutions. Risk communication is mostly concerned with the nature of risk or expressing concerns, views, or reactions to risk managers or institutional bodies for risk management. The key plan to consider and communicate risk is to categorize and impose priorities, and acquire suitable measures to reduce risks. It is important throughout any crisis to put across multifaceted information in a simple and clear manner. Risk communication helps in switching or allocating the information concerning risk among the decision-maker and the stakeholders. Risk communication can be explained more clearly with the help of the following definitions: It defines the issue of what a group does, not just what it says. It must take into account the valuable element in user's perceptions of risk. It will be more valuable if it is thought of as conversation, not instruction.
  Risk communication is a fundamental and continuing element of the risk analysis exercise, and the involvement of the stakeholder group is from the beginning. It makes the stakeholders conscious of the process at each phase of the risk assessment. It helps to guarantee that the restrictions, outcomes, consequence, logic, and risk assessment are undoubtedly understood by all the stakeholders.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important consideration when sharing risk management updates with executive management?

• A.Including trend analysis of risk metrics
• B.Using an aggregated view of organizational risk
• C.Ensuring relevance to organizational goals
• D.Relying on key risk indicator (KRI) data

Comment: *

Name: *

Email: *

Verification: *

Which of the following is NOT true for risk governance?

• A.Risk governance is based on the principles of cooperation, participation, mitigation and sustainability, and is adopted to achieve more effective risk management.
• B.Risk governance requires reporting once a year.
• C.Risk governance seeks to reduce risk exposure and vulnerability by filling gaps in risk policy.
• D.Risk governance is a systemic approach to decision making processes associated to natural and technological risks.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MAIN reason for documenting the performance of controls?

• A.Demonstrating effective risk mitigation
• B.Obtaining management sign-off
• C.Justifying return on investment
• D.Providing accurate risk reporting

Comment: *

Name: *

Email: *

Verification: *