Risk Management History and Types

Questions and Answers

What are the three categories of risks defined in ISO 31000?

Market, Credit, Liquidity

Reputation, Compliance, Financial

Hazard, Control, Opportunity (correct)

Strategic, Operational, Financial

What type of risk is associated with the installation and/or upgrade of a software package?

Hazard risk

Opportunity risk

Uncertainty risk

Control risk (correct)

What is the level of risk that is present before any actions have been taken to change the likelihood or magnitude of the risk?

Net risk

Inherent risk (correct)

Residual risk

Managed risk

What is the purpose of risk assessment in Enterprise Risk Management?

To identify and prioritize risks for mitigation

What is the goal of risk mitigation strategies?

To reduce the likelihood or magnitude of risks

What is the term for the level of risk that remains after controls have been implemented to reduce the likelihood or magnitude of the risk?

Residual risk

What is the purpose of business continuity planning?

To respond to disruptions and maintain business operations

Why was the importance given to Risk and its impact on organizations greatly enhanced after the Financial Crisis of 2008?

Because of the recognition of the importance of risk management

What is the relationship between likelihood and magnitude in risk assessment?

Higher likelihood results in higher magnitude

What is the term for the potential for things to go wrong in a particular situation?

Uncertainty