Take our new quiz based on a sample of knowledge needed for our International Diploma in Risk Management. Challenge yourself today.
‘The challenge in looking further out into the future is that many of the changes that could take place may be significant departures from today’s reality & are not on our collective radar.’ Which of the following does NOT help us identify emerging risks?
A) A trend analysis is a mathematical technique which makes use of historical information to predict future outcomes.
B) Interconnections maps are used by the World Economic Forum to describe interconnections between risks. This provides a means to interpret how one risk impacts another and, as the report states, ‘mapping perceived interconnections between risks helps to understand the potential transmission channels between them’.
C) A fault tree analyses causes of a focus event using Boolean logic to describe combinations of faults – often used to investigate past events.
Which of the following is considered a more inwardly focused tool to manage disruption to an organisation?
A) In understanding the term crisis management, we return to the description of a crisis as a situation or episode in which different individuals and groups seek to attribute meaning to a particular set of circumstances which pose extraordinary threats to an individual, institution and/or society. For this reason, crisis management can be viewed as more outwardly focused, notably in dealing with situations which have the potential for a wide social, political, economic or environmental impact.
B) Business continuity can be viewed as being more inwardly focused, namely in handling situations which may cause significant disruption to the continuity of an organisation’s business-critical operations and dependencies in its supply chain.
C) Disaster management as a term generally refers to the efforts of public agencies, communities and not-for-profit organisations to plan for and coordinate the recovery from a disaster, notably natural disasters such as hurricanes, earthquakes and floods and man-made acts of terror and public disorder. As such, it is more outwardly focussed.
A) Key personnel within the organisation will manage their relevant risks, although a CRO might be involved in the management of certain risks.
B) One key role of the CRO or equivalent senior executive is to independently report on risk to the board of directors.
C) Key personnel within a risk management team or external consultants will provide training to the Board, although the CRO would be involved in the development of the training and might deliver it in some organisations.
What is one of the key skills you need to have to be a risk manager/practitioner?
A) Being persuasive and influential: your ability to change other’s minds, to get them to see things your way, and to negotiate.
B) Although it is useful to be knowledgeable of risk management tools it is not a key skill of a risk manager / practitioner. Information on tools can be sought by internal or external experts.
C) Risk managers / practitioners do not need to know how to manage all risks for an organisation - key personnel within the organisation will manage their relevant risks, although risk managers / practitioners can provide advice and support.
You have been asked by your organisation to go out to an external architect to manage the design risk for your new distribution warehouse. What method of contractual risk transfer is this?
A) Management of risk controls might be outsourced to external agencies – often experts in the particular discipline. Architects are an example of outsourced expertise.
B) A joint venture (JV) is a business arrangement in which two or more parties agree to pool their resources for the purpose of accomplishing a specific task. This task can be a new project or any other business activity
C) A strategic partnership is an arrangement between two companies or organizations to help each other or work together, to make it easier for each of them to achieve the things they want to achieve
Which of the following are components of internal control according to the COSO Internal Control – Integrated Framework (2013)?
A) The five components of the COSO Internal Control – Integrated Framework (2013) are: Control environment; Risk assessment; Control activities; Information and communication; Monitoring activities - not Risk identification (2) or Reporting (4).
B) The five components of the COSO Internal Control – Integrated Framework (2013) are: Control environment; Risk assessment; Control activities; Information and communication; Monitoring activities - not Risk identification (2) or Reporting (4).
C) The five components of the COSO Internal Control – Integrated Framework (2013) are: Control environment; Risk assessment; Control activities; Information and communication; Monitoring activities.