ISO-31000-CLA

Who serves as the principal adviser to the CEO, business unit heads, and critical function heads on risk matter?A . Chief Risk Officer (CRO) B. Chief Information Officer (CIO) C. Quality Auditor (QA) D. Risk Owner (RO)View AnswerAnswer: A Explanation: Chief Risk Officer (CRO) serves as the principal adviser to...

Treatment plan becomes a living document of defining the direction of the risk treatment and being able to monitor progress against the plan.A . True B. FalseView AnswerAnswer: A Explanation: Treatment plan becomes a living document of defining the direction of the risk treatment and being able to monitor progress...

Which of the following documents information are relevant to the organization’s risk management framework, process, and system?A . Reporting and auditing B. Recording and reporting C. Visualizing and conceptualizing D. Rationalizing and reportingView AnswerAnswer: B Explanation: Recording and reporting documents information that are relevant to the organization’s risk management framework,...

Which of the following is described in terms of consequence and likelihood?A . Level of risk B. Level of crisis C. Level of uncertainty D. Level of cohesivenessView AnswerAnswer: A Explanation: Level of risk is described in terms of consequence and likelihood. Consequence means the outcome or impact of a...

Enhanced risk management emphasizes the continual improvement of risk management capabilities.A . True B. FalseView AnswerAnswer: A Explanation: Enhanced risk management emphasizes the continual improvement of risk management capabilities1. This means that risk management is regularly reviewed and updated to ensure its relevance, adequacy, and effectiveness.

Which of the following step is a critical part of risk assurance?A . Evaluation Context B. Establishing Context C. Communication and Consultations D. Monitoring and ReviewView AnswerAnswer: D Explanation: Monitoring and review is a critical part of risk assurance5. This step involves checking whether the risk management framework, policy, and...

ISO 31000:2018 risk management process is ______________A . descriptive B. prescriptive C. visionitive D. cursiveView AnswerAnswer: A Explanation: ISO 31000:2018 risk management process is descriptive6. This means that it provides guidance on what should be done for effective risk management, but not how it should be done. The process can...

Risk management is tailored.A . True B. FalseView AnswerAnswer: A Explanation: Risk management is tailored4. Tailored means that risk management takes into account the specific needs, objectives, and characteristics of each organization and its context.

Risk management as defined by OCEG GRC model is:A . Capability to set and evaluate performance against objectives B. Capability to proactively identify, assess and address uncertainty and potential obstacles to achieving objectives C. Capability to proactively encourage and ensure compliance with established policies and boundariesView AnswerAnswer: B Explanation: According...

New definition of risk under ISO 31000 and 31010 is:A . Danger that injury, damage, or loss will occur B. Possibility of investment loss C. Probability of loss to an insurer D. Probability of an event that will have an impact on objectivesView AnswerAnswer: D Explanation: According to ISO/IEC Guide73...