Domain III Risk Management Assurance
questions & answers.
Management assertions ANS - Reports made by management related to performance, future
performance, resources, risk management, and controls. Also known as attestations of management
assurance.
Checklists ANS - A generic list of potential risks relevant to a particular context that can be used to help
identify risks.
Benchmarking ANS - Collaborative process among a group of entities that focuses on specific events or
processes, compares measures and results using common metrics, and identifies improvement
opportunities.
Scenario planning ANS - Use of hypothetical future situations to model potential risk events and assess
how the organization could respond.
Vulnerability assessments ANS - Determination of points of weakness or potential failure in a system by
reviewing each step in detail.
Brainstorming ANS - Open-ended freestyle speculation on a given topic that can be used to help
identify risks.
Control self-assessment (CSA) ANS - A facilitated process whereby control owners provide a self-
assessment of the design adequacy and operating effectiveness of controls for which they are
responsible. Also known as control risk self-assessment (CRSA).
Risk identification workshops ANS - Facilitated discussion very similar to CSA but may include a broader
audience and may help identify emerging risks and black swan events. Also known as facilitated
workshops.
Risk profile ANS - The level and distribution of risks across the entity and across various risk categories.
Risk universe ANS - Totality of all risks that may impact an organization's objectives.
Risk register ANS - Structured record of all relevant risks and their analyses.
Risk classification ANS - Convenient groupings of related risks. Also known as risk categories.
Risk source ANS - Conditions that may give rise to events that can impact an organization's objectives.
Trigger event ANS - The initial event in a sequence of cause-and-effect events that can give rise to the
risk event.
Risk owner ANS - Identified individual or team responsible for the process or activity associated with a
risk and for maintaining an acceptable response to the risk.
Inherent risk ANS - Risk level prior to the application of risk responses.
Residual risk ANS - Risk level subsequent to the application of risk responses.
Acceptable risk ANS - Residual risk that falls within the appetites and limits set by the board.
Unacceptable risk ANS - A risk that is judged to be incompatible with the organization's risk attitude,
appetite, capacity, tolerance, values, culture, or legal, regulatory, or ethical obligations, or other such
measure, leaving the organization exposed to a level of risk that may jeopardize its ability to achieve its
objectives.
Adequate control ANS - Present if management has planned and organized (designed) in a manner that
provides reasonable assurance that the organization's risks have been managed effectively and that the
organization's goals and objectives will be achieved efficiently and economically.
Emerging risk ANS - Risk associated with previously unexperienced circumstances about which there is
limited information and likely high volatility.