M2 Enterprise Risk MGMT Frameworks

Question 1

What are the 5 components of Enterprise Riske MGMT

Answer 1

1. Governance and Culture
2. Strategy and Objective Setting
3. Performance
4. Review and Revision
5. Information, Communication, and Reporting (ongoing)

Question 2

What are inherent risks

Answer 2

Inherent risk is the risk that exists to an entity when MGMT takes no action to alter the severity of the risk.

Question 3

What are the 5 components of COSO’s ERM?

Answer 3

Mnemonic GO PRO
Goverenance and Culture
Strategy and Objective-Setting
Performance
Review and Revision
Information, Communication, and Reporting (Ongoing)

Question 4

The ERM Framework states that the organization must identify events both positive and negative, as part of risk MGMT program. At what point does the organization identify the event/risk?

Answer 4

Events/ Risks can only be identified AFTER the organizarional objectives are identified.

Question 5

Which principles support the Governance and culture component?(Hint: Mnemonic DOVES)

Answer 5

Desired culture
exercised board Oversight
demonstrates commitment to core Values

Question 6

Which principles support the Strategy and objective setting component? (Hint: Mnemonic SOAR)

Answer 6

evaluates alternative Strategies
formulates business Objectives
Analyzes business context
defines Risk appetite

Question 7

Which principles support the Performance component? Hint: Mnemonic VAPIR

Answer 7

View
Assessess severity of risk
Prioritizes risks
Identifies risks
implements Risk

Question 8

Which principles supports the Review and revision component? ( Hint Mnemonic SIR)

Answer 8

Substantial change
Pursues Improvement in the ERM
Reviews risk and performance

Question 9

What are residual risks?

Answer 9

Risdual risk = Inherent risk- Impact of MGMT actions