FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 12: The Risk Intelligent Enterprise: Enterprise Risk Management

Show Answer

Share

---

All types

Filters

Study Flashcards

Question 1

Multiple Choice

Review LaterAdd Note

Review Later

Match the ERM component name to the appropriate definition. -Monitoring

A) This is comprised of policies and procedures established and implemented to ensure risk responses are effective.
B) This involves identifying occurrences that affect an enterprise's ability to attain its objectives.
C) This involves ensuring relevant data is captured and communicated effectively throughout the organization to appropriate individuals in a timely manner.
D) This involves watched evaluation and feedback that permits modifications as needed.
E) This ensures that the enterprise has a process for setting goals that are consistent with the entity's mission and risk appetite.
F) This involves the risk management philosophy of the enterprise, including the tone set by top management.

G) A) and D)
H) C) and E)

Correct Answer

verified

D

Question 2

Essay

Review LaterAdd Note

Review Later

What are the four risk response categories? Include a definition of each.

Correct Answer

verified

Avoidance. This risk response involves a...

View Answer

Show Answer

Question 3

True/False

Review LaterAdd Note

A silo approach with separate departments developing separate security programs without consideration of comprehensive risk management can prove to be very effective.

How can IT build sustainability into IT controls?

In ERM risk assessment, ________ may refer to assessing likelihood using a quantitative measure, such as percentages.

Focusing on sustainable operations increases the risk of dependence on dwindling natural resources that may become cost prohibitive in the future.

Effective implementation of ERM requires a robust discussion of the potential impact of not mitigating risks and the likelihood that the risk will impact the organization.

________ are controls embedded in business processes where a majority of security breaches occur.

At the top management level, ________ IT controls provide IT governance that sets the tone from the top of the enterprise.

The risk time frame ________ relates to the organization's strategy, affecting three to five years or longer.

Which risk time frame relates to tactics, such as new projects that initiate change?

Given the impossibility of foreseeing every conceivable control to address all threats, risk management uses the approach of assessing risk to determine the probability of risk, its frequency, and its impact.

Which ERM objective relates to the goals that support a corporation's mission?

________ practices offer a solution to reduce risk.

Identifying, assessing, and mitigating risks has not been shown to produce better business performance.

Which of the following is NOT one of the 4Ts of risk management?

Which ERM component is comprised of policies and procedures established and implemented to ensure risk responses are effective?

Application controls are controls over IT services, such as networks and database systems.

In the context of enterprise risk management, ________ refers to the process of monitoring an entity's enterprise risk management.

What are four internal events that may pose a risk to an enterprise's ability to achieve objectives? Provide examples.