GAQM ISO-31000-CLA Exam Practice Test Instant Access

Question 1

Which of the following are two ISO 31000:2018 risk management principles? (Choose two)

AIntegrated

BCustomized

CFunctional

DStatistical

EDesign

FStrategy

Answer : A, B

Integrated and customized are two of the nine risk management principles in ISO 31000:20181. Integrated means that risk management is an integral part of all organizational activities. Customized means that risk management is aligned with the organization's external and internal context and risk profile.

Question 2

Understanding the potential causes of risk events will primarily help an organisation to

Acomply with corporate governance standards.

Beliminate all risks

Cimprove internal audit procedures.

Dreduce the frequency of loss.

Answer : D

Understanding the potential causes of risk events will primarily help an organisation to reduce the frequency of loss. This is because identifying and analysing the sources and drivers of risks can enable an organisation to implement preventive or mitigating measures.

Question 3

A train has crashed and is badly damaged. There have been numerous claims from injured passengers as well as a loss of revenue for the train operator. This is an example of

Arisk aggregation.

Brisk categorisation.

Crisk probability.

Drisk severity.

Answer : A

A train crash and its consequences is an example of risk aggregation, which is the combined effect of multiple risks on an organisation's objectives3. Risk aggregation can result in losses that are greater than the sum of individual losses.

Question 4

Which of the followingis a process with inputs, activities, and outcomes?

ASupply chain management

BFinancial management

CQuality management

DRisk management

Answer : D

Risk management is a process with inputs, activities, and outcomes1. The inputs are the organization's context and risk criteria. The activities are risk identification, analysis, evaluation, and treatment. The outcomes are improved decision making, performance, and resilience.

Question 5

Which risk is sometimes called 'retained risk.'?

AResidual risk

BConceptualize risk

CAnalytical risk

DProcedural risk

Answer : A

According to ISO/IEC Guide73 (2009), clause B., residual risk is ''the level of remaining after controls have been applied''.It is sometimes called 'retained risk' because it represents the amount of risk that an organization decides to accept or retain after implementing its mitigation strategies3.

Question 6

What is the role of risk management in the strategic planning process?

AChallenge the decisions made.

BDevelop risk treatment plans.

CDraft the decisions to be made.

DIdentify threats and opportunities.

Answer : D

According to , page 7-8, one of the roles of risk management in the strategic planning process is to identify threats and opportunities that could affect the organization's objectives and performance.

Question 7

Which of the following statements does not apply to ISO 31000?

AIt is the first standard issued by ISO for risk management

BIt can be used by any organization regardless of its size, activity or sector

CIt can be used for certification purposes

Answer : C

According to ISO31000 (2018), clause 1., it is ''not intended for certification purposes''.It provides guidance on how organizations can manage their risks effectively using a systematic approach based on principles, framework and process3.

GAQM ISO 31000 - Certified Lead Risk Manager ISO-31000-CLA Exam Practice Test