Question list
1
The "Green Halo Effect" in risk governance refers to:
The perception of superior quality associated with environmentally friendly practices.
2
In risk assurance, the primary purpose of assurance services is to:
Reduce information risk by providing independent professional opinions.
3
Which risk is most closely associated with changes in market conditions?
Opportunity Risk
4
In the context of risk management, what is the purpose of 'reaction planning'?
Preparing actions to minimize risk consequences after occurrence
5
Which risk classification system focuses on the origin of the risk?
Hazard risks
6
Which is a consequence of failing to manage compliance risks in regulated sectors?
reputation damage
7
What method is best used to reduce the impact of a high-magnitude risk before its occurrence?
Preventative measures through controls
8
The ISO 31000:2018 standard emphasizes which of the following risk management approaches?
Strict compliance focus
9
What is the primary purpose of the bow tie analysis in risk management?
to plan response before and after a risk event
10
What element is added to risk assessment when using a matrix?
Impact and probability
11
In a risk matrix, how is the term impact different from magnitude?
Impact represents overall risk to the organization; magnitude measures event size before controls
12
What is the primary goal of enterprise risk management (ERM)?
holistic management of business risks
13
The application of a 'gross risk' matrix focuses on:
Inherent risks before applying any controls
14
Which of the following best describes the main function of the risk matrix in an organization?
Evaluating both the likelihood and impact of risk events
15
What type of risk has immediate consequences on organizational operations?
Short-term risks
16
What is one of the critical differences between control risks and hazard risks?
Hazard risks are purely negative, whereas control risks are focused on managing uncertainty.
17
Which of the following is not a primary classification of risks?
strategic risk
18
Which of the following is NOT one of the six OECD Principles of Corporate Governance?
Maximizing shareholder wealth
19
Which approach to risk management focuses on the key dependencies of an organization?
Dependencies-driven approach
20
In the context of risk management, what is meant by the term 'risk appetite'?
The level of risk an organization is willing to tolerate
21
In which situation is the term 'magnitude' used in the risk matrix?
as a measure of inherent level of a risk before controls
22
In risk classification, which aspect should organizations primarily consider to choose an effective risk classification system?
Size and scope of the organization's activities
23
What type of risk refers to events with only negative consequences?
Hazard Risk
24
Operational risk management excludes which of the following?
Strategic risk
25
In effective risk reporting, what is the purpose of using a risk heat map?
To visually represent risks based on their likelihood and impact.
26
Which of the following is a core activity in risk analysis and evaluation?
Banking risks based on their magnitude and financial exposure
27
Which of the following is not a key element of the ERM process?
Risk elimination
28
What should be considered in opportunity risk management?
Balancing risk with potential financial gains
29
Which of the following describes 'speculative risks'?
Risks that result in variable outcomes, including potential opportunities
30
What concept in risk management addresses an organization's preparedness for unexpected negative events?
Disaster recovery planning
31
Which of the following is least likely to be classified as a compliance risk?
Introduction of a new product line
32
What does the vertical axis on a risk matrix typically represent when analyzing 'inherent risk'?
Impact
33
Which organization defines risk as 'effect of uncertainty on objectives'?
ISO Guide 73
34
Which risk management strategy involves shifting the burden of risk to another party?
Transfer
35
In the bow tie representation of risk management, what does the knot represent?
the risk event
36
Which of the following risk types is not directly related to organizational compliance?
Staff turnover
37
Which risk category focuses on legal responsibilities?
Compliance risks
38
What factor is least likely to affect an organization's risk classification system?
The cost of implementing the risk management strategy
39
Which of the following techniques helps organizations understand the potential future outcomes of identified risks?
Scenario Analysis
40
Which of the following statements best describes 'hazard risks'?
Risks that can only result in negative outcomes
41
Control risks are most closely associated with which type of management?
project management
42
In the context of operational risks, which factor is most likely to be tied to automation and artificial intelligence?
Technology risks
43
The ISO 31000 standard emphasizes what key aspect of risk management?
integrated risk management across all sectors of an organization
44
What is the primary challenge of risk governance in the 21st century?
Governance mechanisms lagging behind technological and social change
45
What classification does the Institute of Internal Auditors (IIA) use to define risk?
Uncertainty of events affecting objectives
46
Which category of risk would theft in an organization typically fall under?
Hazard Risk
47
Which risk prioritization tool is commonly used to visually represent risk severity and likelihood?
Risk matrix
48
According to ISO Guide 73, what term is used instead of 'frequency' in risk matrices?
likelihood
49
Which tool helps frame responses to risk by evaluating both preventative and post-event actions?
Bow-tie analysis
50
In risk management, 'tolerate' refers to:
Accepting the risk and being prepared for its consequences
51
Which event is an example of a control risk?
The unpredictable delivery time of a critical project
52
The term 'consequences' in a risk analysis context refers to:
The financial loss caused by a risk event
53
According to the Institute of Risk Management (IRM), risk is best defined as the:
Impact of uncertainty on objectives
54
Which method is commonly used to summarize an organization's risk profile?
Risk matrix
55
Which of the following classifications would most likely include unpredictable events such as natural disasters?
Hazard Risks
56
What is a key feature of an ERM system?
A continuous, ongoing process of risk identification and mitigation
57
Which of the following is not an example of a control risk?
Legal penalties due to non-compliance
58
What is a major benefit of regular risk reporting?
Aligns business strategies with identified risk tolerances.