Risk Management History and Types

Questions and Answers

What are the three categories of risks defined in ISO 31000?

• Market, Credit, Liquidity
• Reputation, Compliance, Financial
• Hazard, Control, Opportunity (correct)
• Strategic, Operational, Financial

What type of risk is associated with the installation and/or upgrade of a software package?

• Hazard risk
• Opportunity risk
• Uncertainty risk
• Control risk (correct)

What is the level of risk that is present before any actions have been taken to change the likelihood or magnitude of the risk?

• Net risk
• Inherent risk (correct)
• Residual risk
• Managed risk

What is the purpose of risk assessment in Enterprise Risk Management?

To identify and prioritize risks for mitigation (A)

What is the goal of risk mitigation strategies?

To reduce the likelihood or magnitude of risks (C)

What is the term for the level of risk that remains after controls have been implemented to reduce the likelihood or magnitude of the risk?

Residual risk (A)

What is the purpose of business continuity planning?

To respond to disruptions and maintain business operations (D)

Why was the importance given to Risk and its impact on organizations greatly enhanced after the Financial Crisis of 2008?

Because of the recognition of the importance of risk management (B)

What is the relationship between likelihood and magnitude in risk assessment?

Higher likelihood results in higher magnitude (B)

What is the term for the potential for things to go wrong in a particular situation?

Uncertainty (B)