ISO-31000-CLA

Which of the following is becoming the basis for all decision making?A . Risk management B. Crisis management C. Quality management D. Marketing managementView AnswerAnswer: A Explanation: Risk management is becoming the basis for all decision making2. Risk management helps organizations to identify opportunities and threats, evaluate alternatives, and make...

Organizational information systems, information flows, and formal and informal decision-making processes are all a part of establishing which type of context in regard to the organization?A . External B. Technological C. Local D. InternalView AnswerAnswer: D Explanation: According to ISO31000 (2018), clause 5., establishing the context involves defining “the external...

Which two of the following are types Integrated Processes? (Choose two)A . People processes B. Soft processes C. Hard process D. Quality analysisView AnswerAnswer: A,C Explanation: People processes and hard processes are two types of integrated processes3. People processes involve human factors such as culture, values, ethics, and behavior that...

A broker is undertaking a business interruption review on behalf of a client. This would most commonly include an evaluation of theA . effectiveness of a business continuity plan. B. effectiveness of risk reserving. C. level of risk tolerance. D. level of self insurance.View AnswerAnswer: A Explanation: A business interruption...

Which of the following is a major challenge in implementing the ISO 31000:2018 risk management framework?A . Scoping framework boundaries B. Improvement framework boundaries C. Design framework boundaries D. Strategic framework boundariesView AnswerAnswer: A Explanation: Scoping framework boundaries is a major challenge in implementing the ISO 31000:2018 risk management framework....

When an operational area develops a treatment for a critical risk, the risk management professional MUSTA . add the risk to the risk map. B. communicate the treatment plan directly with internal audit. C. evaluate the dollar savings associated with the treatment. D. evaluate the impact upon other areas.View AnswerAnswer:...

Which step is the last part of the risk assessment process, which started with risk identification then moved to risk assessment, and finally risk evaluation?A . Risk evaluation B. Risk outsourcing C. Risk acceptance D. Risk avoidanceView AnswerAnswer: A Explanation: the last step of the risk assessment process, which starts...

ISO 31000:2018 offers a generic outline for the design of the risk management framework and process.A . True B. FalseView AnswerAnswer: A Explanation: ISO 31000:2018 offers a generic outline for the design of the risk management framework and process. ISO 31000:2018 provides guidelines that can be adapted to any organization’s...

Inclusiveness is another critical attribute of good risk management.A . True B. FalseView AnswerAnswer: A Explanation: Inclusiveness is another critical attribute of good risk management. Inclusiveness helps to ensure that different perspectives, knowledge, and values are considered in risk management.

Where does an internal auditor typically spend most of his time auditing today?A . People B. Process C. Technology D. InfrastructureView AnswerAnswer: B Explanation: According to, page 9, one of the current trends in auditing, risk management and compliance is “shifting from auditing people to auditing processes”. This means that...