Exam (elaborations)
CIA Part 1 Unit 4: Risk Management questions with correct answers 2024/2025
- Course
- Institution
CIA Part 1 Unit 4: Risk Management questions with correct answers 2024/2025
[Show more]
Content preview
CIA Part 1 Unit 4: Risk ManagementRisk - ANSPossibility of an event occurring that will have an impact on achievement of
objectives. Impact v. Likelihood
Risk Management - ANSA process to identify, assess, manage, and control potential events
or situations to provide reasonable assurance regarding achievement of objectives.
Risk Management Process (5) - ANS(1) Identification of context
(2) Risk Identification
(3) Risk Assessment & Prioritization
(4) Risk Response
(5) Risk Monitoring
Step 1 - Identification of Context - ANSContexts can include laws, regs, capital projects,
business processes, technology, market risk, and organizations.
Step 2 - Risk Identification - ANSShould be performed at every level of the entity. Consider
past events and future possibilities. Event Inventories, questionnaires/surveys, leading event
indicators/triggers, facilitated workshops, interviews, process flow analysis, loss event data
methodologies.
Brainstorming, SWOT, Scenario analysis
Step 3 - Risk Assessment and Prioritization - ANSAssess significance, likelihood, means of
managing risk.
Qualitative - Risk ranking, heat maps, matrix
Quantitative - Probability models, how it would affect earnings
Step 4 - Risk Response - ANSHow organization elects to manage individual risks.
Controls - ANSActions taken by management to manage risk and ensure risk responses are
carried out.
Residual Risk - ANSRisk that remains after responses are executed
Step 5 - Risk Monitoring - ANSTrack identified risks, evaluate current response plans,
monitor residual risks, identify new risks.
Who has oversight of risk management? - ANSThe board
Who ensures risk management processes are functioning? - ANSManagement
Who examines, evaluates, reports or recommends improvements for risk management? -
ANSInternal audit activity
, Regarding Risk Management, CAE and IA's should (5) - ANS(1) Obtain a clear
understanding of the org's risk situation
(2) Consider RM frameworks and models
(3) Consider characteristics of the organization
(4) Review the maturity of the org's RM
(5) Have an established process for planning, auditing and reporting RM issues
Maturity levels for risk management (5) - ANS1 Initial
2 Repeatable
3 Defined
4 Managed
5 Optimized
Enterprise Risk Management - ANSCulture, capabilities, and practices, integrated with
strategy-setting and performance that organizations rely on to manage risk in creating,
preserving, and realizing value.
Definition of Culture in ERM - ANSthe attitudes, behaviors, and understanding about risk that
influence management's decisions
Definition of Capabilities in ERM - ANSskills needed to carry out entity's mission and vision
Definition of Practices in ERM - ANSCollective methods used to manage risk
Risk profile - ANScomposite view of types, severity, and interdependencies of risks related to
a specific strategy or business objective and their effect on performance.
Portfolio view of risk - ANScomposite view of risks related to entity-wide strategy and
business objectives and their effects on entity performance
Opportunity - ANSAny action or potential action that creates or alters goals or approaches
for the creation, preservation, or realization of value
Risk inventory - ANSall identified risks that affect strategy and business objectives
Risk Capacity - ANSMax amount of risk the org can assume
Risk appetite - ANSAmounts and types of risks the organization is willing to accept in pursuit
of value
Inherent Risk - ANSRisk in the absence of management actions to alter its severity
Actual residual risk - ANSamount of risk remaining after management actions to alter its
severity
Target residual risk - ANSthe risk the entity prefers to assume knowing that management
has acted or will act to alter its severity.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Qualityexam. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $10.49. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
78677 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now