Chapter 2 MCQ Flashcards
Which of the following best describes the first line of defense in operational risk management?
A) Internal Audit
B) Risk Management Department
C) Business Line Managers
D) External Regulators
c
What is the primary purpose of an operational risk governance framework?
A) To ensure compliance with external regulations
B) To outline the responsibilities for risk management within the organization
C) To provide a set of guidelines for financial reporting
D) To manage the firm’s investment strategies
b
What is the primary purpose of an operational risk governance framework?
A) To ensure compliance with external regulations
B) To outline the responsibilities for risk management within the organization
C) To provide a set of guidelines for financial reporting
D) To manage the firm’s investment strategies
B
Which of the following best describes the first line of defense in operational risk management?
A) Internal Audit
B) Risk Management Department
C) Business Line Managers
D) External Regulators
C
Operational risk policy should NOT include which of the following?
A) Ethical and behavioral guidelines
B) Detailed personal information of all employees
C) Glossary of terms related to operational risk
D) Roles and responsibilities related to operational risk management
B
Risk culture in an organization is primarily established by which body?
A) External Auditors
B) The Governing Body
C) First Line Managers
D) Third Line of Defense
B
The ‘use test’ in the context of operational risk management refers to:
A) The frequency of audit tests
B) The practical application of risk assessments in decision-making
C) A legal requirement for operational risk policies
D) The validation of external data sources
B
Who is responsible for providing independent oversight and challenge to the first line of defense?
A) Internal Audit
B) Business Line Managers
C) Risk Management Function
D) External Consultants
C
What role does the third line of defense play in operational risk management?
A) Implementing operational risk controls
B) Providing assurance on the effectiveness of the risk management framework
C) Developing the operational risk policy
D) Directly managing identified risks
B
Continuous review and change in operational risk management is important for:
A) Meeting annual financial targets
B) Adapting to changes in the external environment
C) Fulfilling employee performance evaluations
D) Ensuring the stability of IT systems
B
Which of the following is NOT a component of the operational risk management framework?
A) Risk and Control Self-Assessment (RCSA)
B) Annual leave policy
C) Scenario analysis
D) Key Risk Indicators (KRIs)
B
The operational risk function’s independence is crucial for:
A) Facilitating risk transfer agreements
B) Ensuring unbiased oversight and challenge
C) Implementing new IT systems
D) Conducting employee training programs
B
External stakeholders in operational risk management include all EXCEPT:
A) Regulators
B) Investors
C) Competitors
D) Customers
C
Which statement best reflects the importance of risk culture in an organization?
A) It determines the organization’s stock price
B) It influences behavior towards risk management across the organization
C) It is relevant only to the risk management department
D) It has no impact on operational risk management
B
Operational risk policies should be:
A) Kept confidential from junior employees
B) Communicated clearly to all relevant staff
C) Updated only when there is a significant loss event
D) Developed without input from the governing body
B