GAQM ISO-31000-CLA Exam Questions Instant Access

Question 1

ISO uses the concept of uncertainty as the driver and rationale for risk management.

ATrue

BFalse

Answer : A

ISO uses the concept of uncertainty as the driver and rationale for risk management. Uncertainty refers to the state of having incomplete knowledge or understanding about something that can affect an organization's objectives.

Question 2

Risk management takes human and cultural factors into account.

ATrue

BFalse

Answer : A

Risk management takes human and cultural factors into account1. Human factors include perception, judgment, behavior, and communication that influence risk management. Cultural factors include values, beliefs, norms, and expectations that shape the organization's risk culture.

Question 3

Where does an internal auditor typically spend most of his time auditing today?

APeople

BProcess

CTechnology

DInfrastructure

Answer : B

According to , page 9, one of the current trends in auditing, risk management and compliance is ''shifting from auditing people to auditing processes''. This means that internal auditors focus more on how well an organization's processes are designed and implemented to achieve its objectives and manage its risks.

Question 4

Which of the following is considered a risk analysis technique?

ABudget allocation

BConsensus building

CInsurance placement

DMonte Carlo simulation

Answer : D

Monte Carlo simulation is a risk analysis technique that uses random variables to model uncertainty and generate possible outcomes2. This helps to assess the probability and impact of different scenarios.

Question 5

Using the FIRM scorecard which of the following risks could a risk manager quantify?

1. Loss of income.

2. Financial gain.

3. Reputational damage.

A1 and 2.

B1 and 3.

C2 and 3.

Answer : A

According to2, FIRM scorecard is ''a tool for measuring risk performance''. It uses four dimensions: financial impact, internal processes, reputation and market position (FIRM). Loss of income and financial gain are examples of financial impact risks that can be quantified using monetary values or ratios. Reputational damage is an example of reputation risk that is more difficult to quantify using objective measures.

Question 6

A broker is undertaking a business interruption review on behalf of a client. This would most commonly include an evaluation of the

Aeffectiveness of a business continuity plan.

Beffectiveness of risk reserving.

Clevel of risk tolerance.

Dlevel of self insurance.

Answer : A

A business interruption review is an evaluation of the effectiveness of a business continuity plan, which is a set of procedures and resources to ensure that an organisation can continue its critical functions in the event of a disruption12.

Question 7

Which risk is sometimes called 'retained risk.'?

AResidual risk

BConceptualize risk

CAnalytical risk

DProcedural risk

Answer : A

According to ISO/IEC Guide73 (2009), clause B., residual risk is ''the level of remaining after controls have been applied''.It is sometimes called 'retained risk' because it represents the amount of risk that an organization decides to accept or retain after implementing its mitigation strategies3.

GAQM ISO 31000 - Certified Lead Risk Manager ISO-31000-CLA Exam Questions