
An organization has two options for dealing with a possible loss. Option A reduces the expected
value of the loss from $200,000 to $20,000 at a cost of $60,000 and Option B reduces the
expected value of the loss from $200,000 to $10,000 at a cost of $90,000. Which option is
preferable?

Incorrect answer:
Option B is preferable since it results in a lower expected value of the loss.
Correct Answer:
Option A is preferable because it has a higher "net benefit" than Option B has.
Option A is preferable because it has a higher "net benefit" than Option B has.
, Not Selected
Option A is preferable since it costs less than Option B.
, Not Selected
The options are equally preferable since they both reduce the expected value of the loss.
, Not Selected
Results for item 2.
2
1 / 1 point
A rice farmer has decided to protect against possible price fluctuations at the time of harvest by
purchasing some rice options. What type of risk response strategy has the rice farmer engaged
in?
Acceptance
, Not Selected
Reduction
, Not Selected
Correct answer:
Sharing
Avoidance
, Not Selected
Results for item 3.
3
0 / 1 point
Which of the following is not a way a company can practice risk transfer?
Establishing a joint venture to launch a risky product
, Not Selected
Purchasing flood insurance on a warehouse located near a river
, Not Selected
Incorrect answer:

Purchasing an option to receive a fixed amount of dollars in exchange for a given amount of a foreign
currency
Correct Answer:
Selling a warehouse that is located near a river
Selling a warehouse that is located near a river
, Not Selected
Results for item 4.
4
1 / 1 point
Which risk response reflects a change from acceptance to sharing?
Correct answer:
Management purchased insurance on previously uninsured property.
An insurance policy on a manufacturing plant was not renewed.
, Not Selected
After employees stole numerous inventory items, management implemented mandatory background
checks on all employees.
, Not Selected
Management sold a manufacturing plant.
, Not Selected
Results for item 5.
5
1 / 1 point
According to COSO, which of the following provides oversight of an entity’s enterprise risk
management (ERM)?
Correct answer:
The board of directors
Management
, Not Selected
Financial executives
, Not Selected
The risk officer
, Not Selected
Results for item 6.
6
1 / 1 point
The internal auditor who works in enterprise risk management (ERM) may perform each of the
following activities except
Correct answer:
Setting the risk appetite of the organization.
Evaluating the design of the overall entity.
, Not Selected
Identifying improvement opportunities.
, Not Selected
Auditing ERM.
, Not Selected
Results for item 7.
7
1 / 1 point
According to COSO, the position or internal entity that is best suited, as part of the enterprise
risk management process, to devise and execute risk procedures for a particular department is
Correct answer:
A manager within the department.
The audit committee.
, Not Selected
The internal audit department.
, Not Selected
The chief executive officer.
, Not Selected
Results for item 8.
8
1 / 1 point
A toothbrush manufacturer has noticed a shift of customer preferences in its growing Asian
sales market toward an electronic battery operated toothbrush from a manual toothbrush. This
shifting of customer tastes best represents what type of risk to the toothbrush manufacturer?
Operational risk
, Not Selected
Business risk
, Not Selected
Financial risk
, Not Selected
Correct answer:
Strategic risk
Results for item 9.
9
1 / 1 point
A large multinational company currently has its information technology department located in
Germany. To reduce the risk of system failure, the company decided to split up the information
technology department into two geographically separate locations and set up a new location in
Singapore. The company can still face a catastrophic system failure, but the risk will be greatly
reduced. The risk that remains after the company sets up the second information technology
department in Singapore is best described as
Business risk
, Not Selected
Correct answer:
Residual risk
Inherent risk
, Not Selected
Hazard risk
, Not Selected
Results for item 10.
10
0 / 1 point
Which of the following actions would a more risk averse management team likely take?
Purchasing options to lock in a price of a raw material that tends to fluctuate in price.
, Not Selected
Incorrect answer:
Renegotiating compensation contracts under which the sales staff was paid based on monthly sales to one
in which the sales staff would receive a fixed salary regardless of monthly sales.

Correct Answer:
Purchasing options to lock in a price of a raw material that tends to fluctuate in price.
Moving the manufacturing of a product to a country with lower labor costs but a history of seizing assets
of foreign companies.
, Not Selected
Reducing safety training for employees.
, Not Selected
Results for item 11.
11
1 / 1 point
The HNJ Company is assessing the potential loss from a computer virus. The following table
lists three possible scenarios, the expected loss under each scenario, and the likelihood of each
scenario.

Scenario      Expected Loss   Likelihood
Minor         $100,000        30%
Moderate      $600,000        50%
Significant   $2,000,000      20%

Based on this information, what is the maximum possible loss from this computer virus?
$900,000
, Not Selected
$600,000
, Not Selected
Correct answer:
$2,000,000
$730,000
, Not Selected
Results for item 12.
12
0 / 1 point
Which of the following is a key component of the COSO Framework for enterprise risk
management (ERM)?
Objective setting
, Not Selected
Risk response
, Not Selected
Incorrect answer:
Risk assessment
Correct Answer:
Objective setting
Risk retention
, Not Selected
Results for item 13.
13
1 / 1 point
Which of the following is true regarding insurance?
Liability insurance protects against damage caused by accidents or natural disasters and against lawsuits
from employment practices.
, Not Selected
Liability insurance protects against damage caused by accidents or natural disasters but not against
lawsuits from employment practices.
, Not Selected
Hazard insurance protects against damage caused by accidents or natural disasters and against lawsuits
from employment practices.
, Not Selected
Correct answer:
Hazard insurance protects against damage caused by accidents or natural disasters and liability insurance
protects against lawsuits from employment practices or faulty products.
Results for item 14.
14
1 / 1 point
A firm can mitigate the risk of financial loss from the possible on-the-job injury of one of its
employees through
Workers’ compensation insurance.
, Not Selected
Hazard insurance.
, Not Selected
Correct answer:
Liability insurance.
Key employee insurance.
, Not Selected
Results for item 15.
15
1 / 1 point
According to COSO, which component of enterprise risk management (ERM) addresses an
entity’s operating structures and core values?
Information, communication, and reporting.
, Not Selected
Review and revision.
, Not Selected
Correct answer:
Governance and culture
Strategy and objective-setting.
, Not Selected
Results for item 16.
16
0 / 1 point
What is an example of evaluating a company's risk exposure?
Evaluating the effectiveness of security enhancements at reducing the risk of facilities being broken into.
, Not Selected
Incorrect answer:
Installing new locks, surveillance cameras, and other security enhancements at facilities.
Correct Answer:
Estimating how difficult it would be for company buildings to be broken into.
Determining the risk of a facility being broken into that is tolerable.
, Not Selected
Estimating how difficult it would be for company buildings to be broken into.
, Not Selected
Results for item 17.
17
1 / 1 point
According to COSO, the difference between inherent risk and actual residual risk results
because of management’s
Actions to alter the severity of actual residual risk.
, Not Selected
Correct answer:
Actions to alter the severity of inherent risk.
Inability to alter the severity of inherent risk.
, Not Selected
Inability to share the actual residual risk.
, Not Selected
Results for item 18.
18
1 / 1 point
XYZ Company performs a risk management assessment and has the following potential risk
outcomes. What is its expected loss for this event?
Loss          Probability
$250,000      20%
$400,000      40%
$750,000      30%
$1,000,000    10%

$2,400,000
, Not Selected
$400,000
, Not Selected
$600,000
, Not Selected
Correct answer:
$535,000
Results for item 19.
19
1 / 1 point
Limitations of ERM may arise from all of the following except:
Cost-benefit considerations.
, Not Selected
Collusion
, Not Selected
Correct answer:
Failure to achieve objectives.
Faulty human judgment.
, Not Selected
Results for item 20.
20
0 / 1 point
Which of the following is not a way a company can practice risk transfer?
Stopping the granting of credit to customers and only making cash sales
, Not Selected
Establishing a joint venture to manage the granting of credit to customers
, Not Selected
Purchasing wind insurance on a warehouse located in an area prone to having tornadoes
, Not Selected
Incorrect answer:
Purchasing an option to buy a fixed amount of raw materials for a fixed price
Correct Answer:
Stopping the granting of credit to customers and only making cash sales
Results for item 21.
21
1 / 1 point
A company’s accounting manager estimated a 5% probability of a significant financial loss due
to failures in the company’s systems and procedures. The accounting manager has identified
what type of risk?
Strategic risk
, Not Selected
Hazard risk
, Not Selected
Correct answer:
Operational risk
Business risk
, Not Selected
Results for item 22.
22
1 / 1 point
The performance component of the COSO ERM framework addresses an entity’s
Performance results and consideration of risks.
, Not Selected
Correct answer:
Risk identification, assessment, and prioritization methods.
Ability to leverage technology.
, Not Selected
Performance targets and tolerances.
, Not Selected
Results for item 23.
23
1 / 1 point
Enterprise risk management
Requires establishment of risk and control activities by internal auditors.
, Not Selected
Includes selection of the best risk response for the organization.
, Not Selected
Correct answer:
Involves the identification of events with negative impacts on organizational objectives.
Guarantees achievement of organizational objectives.
, Not Selected
Results for item 24.
24
0 / 1 point
Which of the following is correct concerning corporate governance in an Enterprise Risk
Management (ERM) program?
Incorrect answer:
It is recommended that the internal audit function not be involved in an ERM program as the goals of
ERM conflict with the goals of internal audit.
Correct Answer:
It is recommended that organizations establish a Chief Risk Officer (CRO).
Risk analysis is a component of an organization's corporate governance.
, Not Selected
It is recommended that organizations establish a Chief Risk Officer (CRO).
, Not Selected
A risk committee reporting to the board of directors would not be useful to an organization with an ERM
program.
, Not Selected
Results for item 25.
25
1 / 1 point
Inherent risk is
Correct answer:
The risk when management has not taken action to reduce the impact or likelihood of an adverse event.
A risk response.
, Not Selected
A potential event that may affect the achievement of strategy and business objectives.
, Not Selected
The risk after management takes action to alter its severity.
, Not Selected
Results for item 26.
26
1 / 1 point
The KMN Company sells products and services on credit and for cash. Which of the following
actions taken by KMN is an example of risk sharing?

Only selling products and services for cash


, Not Selected
Correct answer:
Using a third-party financial institution who will accept a portion of the risk of uncollectible accounts in
exchange for a percentage of each credit sale
Using a third-party credit evaluation company that provides information on a customer's likelihood of
making payments on credit sales
, Not Selected
Only selling products and services on credit
, Not Selected
Results for item 27.
27
1 / 1 point
Which of the following statements is not correct?

Earnings per share distributions is a risk assessment tool that utilizes graphs of potential EPS values and
the probabilities of those values to assess risk.
, Not Selected
Cash flow at risk is a risk assessment tool that measures the maximum loss for a given period in terms of
cash flow.
, Not Selected
Earnings distributions is a risk assessment tool that utilizes graphs of potential accrual earnings and the
probabilities of those values to assess risk.
, Not Selected
Correct answer:

Earnings per share distributions is a risk assessment tool that measures the maximum loss for a given
period in terms of accrual earnings.
Results for item 28.
28
0 / 1 point
An organization has two options for dealing with a possible loss. Option A reduces the expected
value of the loss from $250,000 to $80,000 at a cost of $70,000 and Option B reduces the
expected value of the loss from $250,000 to $40,000 at a cost of $90,000. Which option is
preferable?
Option B is preferable because it has a higher “net benefit” than Option A has.
, Not Selected
Option A is preferable since it costs less than Option B.
, Not Selected
The options are equally preferable since they both reduce the expected value of the loss.
, Not Selected
Incorrect answer:
Option B is preferable since it results in a lower expected value of the loss.
Correct Answer:
Option B is preferable because it has a higher “net benefit” than Option A has.
Results for item 29.
29
0 / 1 point
Which of the following answers concerning quantitative risk assessment tools is correct?
An organization usually uses quantitative risk assessment tools at the start of the risk assessment process
and qualitative tools at the end of the process.
, Not Selected
Incorrect answer:
Quantitative risk assessment tools include risk identification, risk ranking, and risk mapping.
Correct Answer:
Cash flow at risk, earning at risk, and earnings distributions are commonly used quantitative risk
assessment tools.
Cash flow at risk, earning at risk, and earnings distributions are commonly used quantitative risk
assessment tools.
, Not Selected
Risks should only be assessed qualitatively.
, Not Selected
Results for item 30.
30
1 / 1 point
Which of the following is an example of the process flow analysis technique of identifying events
within an Enterprise Risk Management (ERM) approach to risk management?
An airline company analyzes customer complaints based on which employees worked on the flights that
customers had complaints about.
, Not Selected
Correct answer:
A company maps out the process for the approval and payment of accounts payables.
A company compares monthly accounts receivable defaults in the current year to defaults in the same
month for the previous year and institutes more stringent credit requirements when an increase in defaults
of 10% is reached.
, Not Selected
The head of the IT function holds a meeting with employees to get their ideas on possible vulnerabilities
in the IT system.
, Not Selected
Results for item 31.
31
1 / 1 point
According to COSO, the benefits of enterprise risk management (ERM) include all of the
following except
Improved resource allocation.
, Not Selected
Correct answer:
Elimination of all risks.
Improved risk identification and management.
, Not Selected
Decreased performance variability.
, Not Selected
Results for item 32.
32
1 / 1 point
One technique for quantitatively assessing the risks faced by an organization is to weight the
monetary consequences of a potential event by its probability. The amount by which the
maximum potential loss associated with the event exceeds this weighted amount is called the
Minimum expected loss
, Not Selected
Expected loss
, Not Selected
Correct answer:
Unexpected loss
Maximum expected loss
, Not Selected
Results for item 33.
33
0 / 1 point
What is an example of monitoring risk exposure and the risk management strategy?
Using multiple suppliers for raw materials.
, Not Selected
Estimating possible losses from a virus infecting the computer system.
, Not Selected
Evaluating the effectiveness of security enhancements at reducing the risk of facilities being broken into.
, Not Selected
Incorrect answer:
Determining the likelihood of work stoppages caused by flooding to facilities that is acceptable to
management.
Correct Answer:
Evaluating the effectiveness of security enhancements at reducing the risk of facilities being
broken into.
Results for item 34.
34
0 / 1 point
A company identifies supply chain risks as part of its enterprise risk management (ERM)
process. After identification of this risk, the company wants to determine how much of an impact
this risk could have on its objectives. Its risk assessment should focus on
Incorrect answer:
Residual but not inherent risk.
Correct Answer:
Both inherent and residual risk.
Only expected events.
, Not Selected
External but not inherent factors.
, Not Selected
Both inherent and residual risk.
, Not Selected
Results for item 35.
35
1 / 1 point
Which of the following statements is correct?
An increase in the time to receive environmental clearance for building a pipeline increases the risk of
building the pipeline and having a guaranteed price for raw material purchases is riskier than paying
prevailing market prices for raw materials.
, Not Selected
An increase in the time to receive environmental clearance for building a pipeline does not change the risk
of building the pipeline and having a guaranteed price for raw material purchases is less risky than paying
prevailing market prices for raw materials.
, Not Selected

An increase in the time to receive environmental clearance for building a pipeline does not change the risk
of building the pipeline and having a guaranteed price for raw material purchases is riskier than paying
prevailing market prices for raw materials.
, Not Selected
Correct answer:
An increase in the time to receive environmental clearance for building a pipeline increases the risk of
building the pipeline and having a guaranteed price for raw material purchases is less risky than paying
prevailing market prices for raw materials.
Results for item 36.
36
1 / 1 point
Which of the following is an example of the internal analysis technique of identifying events
within an Enterprise Risk Management (ERM) approach to risk management?
Analyzing maintenance costs and other problems from past equipment purchases from a particular
manufacturer
, Not Selected
Holding a meeting run by a facilitator where all equipment operators discuss their experience with
investing in and installing new pieces of equipment
, Not Selected
Correct answer:
A company considering purchasing a new piece of equipment uses its own experience with the
manufacturer of the equipment as well as customer reviews to evaluate whether to purchase the
equipment from the manufacturer.
Monitoring products for indicators of minor flaws
, Not Selected
Results for item 37.
37
1 / 1 point
According to the COSO ERM framework, the characteristic of risk that reflects its nature and
scope is
Correct answer:
Complexity
Severity
, Not Selected
Persistence
, Not Selected
Velocity
, Not Selected
Results for item 38.
38
1 / 1 point
According to COSO, ERM is best defined as
A serial process in which one component affects only the next component.
, Not Selected
Correct answer:
The culture, capabilities, and practices that organizations rely on to manage risk in creating, preserving,
and realizing value.
A process that takes a control-based approach to an organization.
, Not Selected
A process, effected by an entity’s board of directors, management, and other personnel, designed to
provide reasonable assurance regarding the achievement of objectives relating to operations, reporting,
and compliance.
, Not Selected
Results for item 39.
39
1 / 1 point
According to COSO’s ERM framework, which of the following is an essential element of the
governance and culture component?
Correct answer:
Human capital
Information systems
, Not Selected
Reports on risk and culture.
, Not Selected
Risk responses
, Not Selected
Results for item 40.
40
1 / 1 point
A company has developed a new technologically advanced paper-thin solar panel for residential
home use. The company has decided to start selling this solar panel worldwide next month. As
this is a technologically innovative product, one risk that the company faces to sell the solar
panel is possible product failure. This risk of product failure is best representative of what type
of risk to the company?
Correct answer:
Operational risk
Inherent risk
, Not Selected
Residual risk
, Not Selected
Business risk
, Not Selected
Results for item 41.
41
0 / 1 point
Which of the following is an action that will increase financial risk?
Not updating anti-virus software
, Not Selected
Borrowing money and using the cash to pay a large dividend
, Not Selected
Incorrect answer:
Reducing sales commissions and increasing salaries paid to the sales staff
Correct Answer:
Borrowing money and using the cash to pay a large dividend
Eliminating dividends to conserve cash
, Not Selected
Results for item 42.
42
1 / 1 point
Communicating information related to risks is very important in enterprise risk management.
Which individual is most likely in the best position to recognize problems as they arise related to
customer product design needs?
Correct answer:
Sales representative
Internal Auditor
, Not Selected
Risk manager.
, Not Selected
Production Manager
, Not Selected
Results for item 43.
43
1 / 1 point
Which of the following actions is most likely to mitigate the risk of loss due to high operating
leverage?
Issuing debt and using the proceeds to retire (buy back) common stock
, Not Selected
Correct answer:
Reducing the salary and increasing the commission rate paid to the sales staff
Increasing the salary and reducing the commission rate paid to the sales staff
, Not Selected
Issuing common equity and using the proceeds to retire (pay back early) debt
, Not Selected
Results for item 44.
44
0 / 1 point
Which of the following statements is correct?
Incorrect answer:
Earnings per share distributions is a quantitative risk assessment tool that measures the maximum loss for
a given period in terms of accrual earnings.
Correct Answer:
Earnings per share distributions is a quantitative risk assessment tool that utilizes graphs of
potential EPS values and the probabilities of those values to assess risk.
Earnings per share distributions is a quantitative risk assessment tool that utilizes graphs of potential
accrual earnings values and the probabilities of those values to assess risk.
, Not Selected
Earnings per share distributions is a quantitative risk assessment tool that measures the maximum loss for
a given period in terms of cash flow.
, Not Selected
Earnings per share distributions is a quantitative risk assessment tool that utilizes graphs of potential EPS
values and the probabilities of those values to assess risk.
, Not Selected
Results for item 45.
45
1 / 1 point
“Self insurance” is a synonym for
Correct answer:
Risk retention
Risk transfer
, Not Selected
Risk sharing
, Not Selected
Risk reduction
, Not Selected
Results for item 46.
46
0 / 1 point
Which of the following is not an action that will reduce operational risk?

Moving a data center away from a flood-prone area


, Not Selected
Running criminal background checks on prospective employees who will be installing equipment in
customers’ homes
, Not Selected
Incorrect answer:
Renegotiating a contract with a document processing company where the new quarterly payment is based
on the number of documents from sales processed in that quarter rather than the current system where
there is a fixed quarterly payment regardless of the number of documents from sales processed
Correct Answer:

Allowing sales managers to write off uncollectible accounts

Allowing sales managers to write off uncollectible accounts


, Not Selected
Results for item 47.
47
1 / 1 point
What is an example of determining the company's tolerance for risk?
Selling off the assets of an international operation
, Not Selected
Partnering with a local firm to manufacture and deliver products
, Not Selected
Correct answer:
Determining the amount of revenue and assets that the company would be willing to risk in the event that
a foreign government seized control of the company's property

Hiring a lobbying firm to attempt to persuade the foreign government against seizing the property of
foreign companies
, Not Selected
Results for item 48.
48
1 / 1 point
According to COSO, an executive’s deliberate misrepresentation to a banker who is considering
whether to make a loan to an enterprise is an example of which of the following internal control
limitations?
Correct answer:
Management override.
Breakdown.
, Not Selected
Collusion
, Not Selected
Costs versus benefits.
, Not Selected
Results for item 49.
49
0 / 1 point
Which one of the following is not considered a key step in the risk management process?
Incorrect answer:
Prioritize risks.
Correct Answer:
Reconsider current risks.
Formulate risk responses.
, Not Selected
Assess risks.
, Not Selected
Reconsider current risks.
, Not Selected
Results for item 50.
50
1 / 1 point
All of the following are potential benefits of risk management except
Lower cost of capital.
, Not Selected
Correct answer:
Reduced inherent risk.
Flexibility in responding to unforeseen circumstances.
, Not Selected
Efficient allocation of resources.
, Not Selected
Results for item 51.
51
0 / 1 point
When an organization decides it will develop or maintain internal activities to manage a risk, it is
electing to ______ that risk.
transfer
, Not Selected
accept
, Not Selected
Incorrect answer:
avoid
Correct Answer:
retain
retain
, Not Selected
Results for item 52.
52
1 / 1 point
Even though a company implements an enterprise risk management program, it still is likely to
have risk. This risk is considered
Correct answer:
Residual risks
Inherent risks
, Not Selected
Tolerable risks
, Not Selected
Uninsurable risks
, Not Selected
Results for item 53.
53
1 / 1 point
A manufacturing firm identified that it would have difficulty sourcing raw materials locally, so it
decided to relocate its production facilities. According to COSO, this decision represents which
of the following responses to the risk?
Correct answer:
Risk reduction
Risk sharing
, Not Selected
Risk acceptance
, Not Selected
Prospect theory
, Not Selected
Results for item 54.
54
0 / 1 point
Which one of the following is considered a quantitative risk assessment technique?
Stress testing.
, Not Selected
Benchmarking.
, Not Selected
Interviews.
, Not Selected
Incorrect answer:
Self-assessment questionnaires.
Correct Answer:
Benchmarking.
Results for item 55.
55
1 / 1 point
According to COSO, the component of enterprise risk management (ERM) that best relates to
continuous improvement is
Correct answer:
Review and revision.
Information, communication, and reporting.
, Not Selected
Strategy and objective-setting.
, Not Selected
Monitoring
, Not Selected
Results for item 56.
56
1 / 1 point
Which of the following statements is correct?
Correct answer:
Cash flow at risk, earnings at risk, and earnings distributions are commonly used quantitative risk
assessment tools and risk identification, risk ranking, and risk mapping are commonly used qualitative
risk assessment tools.
Cash flow at risk, risk ranking, and earnings distributions are commonly used quantitative risk assessment
tools and earnings at risk, risk identification, and risk mapping are commonly used qualitative risk
assessment tools.
, Not Selected
Cash flow at risk, earnings at risk, and risk identification are commonly used quantitative risk assessment
tools and earnings distributions, risk ranking, and risk mapping are commonly used qualitative risk
assessment tools.
, Not Selected
Cash flow at risk, earnings at risk, and earnings distributions are commonly used qualitative risk
assessment tools and risk identification, risk ranking, and risk mapping are commonly used quantitative
risk assessment tools.
, Not Selected
Results for item 57.
57
1 / 1 point
Management considers risk appetite for all of the following reasons except
Aligning with development of strategy.
, Not Selected
Aligning with business objectives.
, Not Selected
Correct answer:
Setting risk capacity.
Implementing risk responses.
, Not Selected
Results for item 58.
58
1 / 1 point
According to COSO, a risk profile is a view of the relationship between
Correct answer:
Risk and performance.
Risk capacity and risk appetite.
, Not Selected
Tolerance and risk appetite.
, Not Selected
Inherent risk and target residual risk.
, Not Selected
Results for item 59.
59
1 / 1 point
According to COSO’s ERM framework, which view of risk is fully integrated?
Risk category view
, Not Selected
Correct answer:
Portfolio view.
Risk view
, Not Selected
Risk profile view
, Not Selected
Results for item 60.
60
1 / 1 point
Each of the following is a limitation of enterprise risk management (ERM), except
ERM operates at different levels with respect to different objectives.
, Not Selected
ERM deals with risk, which relates to the future and is inherently uncertain.
, Not Selected
ERM is as effective as the people responsible for its functioning.
, Not Selected
Correct answer:
ERM can provide absolute assurance with respect to objective categories.
Results for item 61.
61
0 / 1 point
The risk associated with a project will increase in direct proportion to all of the following except
the:
Duration of the project.
, Not Selected
Capital adequacy of the organization.
, Not Selected
Incorrect answer:
Uncertainty surrounding the impact of Federal regulation on the project.
Correct Answer:
Capital adequacy of the organization.
Volatility of the cash flows associated with the project.
, Not Selected
Results for item 62.
62
1 / 1 point
Which of the following components are supporting aspects of the COSO ERM framework?
Correct answer:
Governance and culture; information, communication, and reporting.
Strategy and objective-setting; performance.
, Not Selected
Performance; review and revision.
, Not Selected
Governance and culture; review and revision.
, Not Selected
Results for item 63.
63
1 / 1 point
Which of the following statements is correct?
Correct answer:

Risk mapping is a qualitative risk assessment tool where risks are displayed visually with the probability
of occurrence on one axis and the magnitude of loss on the other axis.
Risk ranking is a qualitative risk assessment tool where risks are displayed visually with the probability of
occurrence on one axis and the magnitude of loss on the other axis.
, Not Selected
Risk identification is a qualitative risk assessment tool where risks are displayed visually with the
probability of occurrence on one axis and the magnitude of loss on the other axis.
, Not Selected

Risk mapping is performed before risk identification.


, Not Selected
Results for item 64.
64
1 / 1 point
According to the COSO ERM framework, which of the following best describes the difference
between strategy and business objectives?
Correct answer:
Business objectives are the steps to achieve strategy.
Strategy is the organization’s core purpose, and business objectives are what the organization aspires to
achieve over time.
, Not Selected
Business objectives are broader in scope than strategy.
, Not Selected
Strategy is the plan to achieve business objectives.
, Not Selected
Results for item 65.
65
0 / 1 point
Which of the following is not a benefit of risk management?
It helps companies reduce risk to the lowest level possible.
, Not Selected
It helps companies make better use of their resources.
, Not Selected
It helps companies avoid being surprised by future events.
, Not Selected
Incorrect answer:
It helps companies explain to their investors what steps are being taken to effectively deal with risk.
Correct Answer:
It helps companies reduce risk to the lowest level possible.
Results for item 66.
66
0 / 1 point
Which of the following is an example of a financial risk?
A new computer application not working correctly
, Not Selected
Incorrect answer:

An employee clicking on an e-mail link and unleashing a virus throughout the company's IT system
Correct Answer:

A company violating a debt covenant and being in technical default

A company violating a debt covenant and being in technical default


, Not Selected
Fire damage to a store
, Not Selected
Results for item 67.
67
0 / 1 point
Based on COSO’s integrated framework, all of the following are components of Enterprise Risk
Management except
Feasibility analysis
, Not Selected
Incorrect answer:
Risk response
Correct Answer:
Feasibility analysis
Control activities
, Not Selected
Objective setting
, Not Selected
Results for item 68.
68
0 / 1 point
The best description of scenario analysis as a risk analysis technique is that it is a method that
Changes a key variable to assess the impact.
, Not Selected
Evaluates the impact of changing a group of assumptions.
, Not Selected
Incorrect answer:
Combines negatively correlated assets to reduce overall risk.
Correct Answer:
Evaluates the impact of changing a group of assumptions.
Applies predetermined probability distributions to estimate risky outcomes.
, Not Selected
Results for item 69.
69
0 / 1 point
Elements of project risk identification include which one of the following?
Interviews and observations
, Not Selected
Cost estimates
, Not Selected
Incorrect answer:
Activity duration estimates.
Correct Answer:
Interviews and observations
Actual risk events
, Not Selected
Results for item 70.
70
1 / 1 point
An entity determined that its variable interest rate on borrowing will increase significantly in the
near future. Consequently, the entity hedged its variable rate by locking in a fixed rate for the
relevant period. According to COSO, this decision is which type of response to risk?
Reduction
, Not Selected
Avoidance
, Not Selected
Correct answer:
Sharing
Acceptance
, Not Selected
Results for item 71.
71
1 / 1 point
All of the following are components of the 2017 COSO ERM Framework except:
Governance and Culture
, Not Selected
Correct answer:
Risk Diversification
Performance
, Not Selected
Review and Revision
, Not Selected
Results for item 72.
72
1 / 1 point
Which of the following statements concerning residual risk and inherent risk is correct?
Inherent risk measures the amount of risk a company is bearing while residual risk does not necessarily
measure the risk a company is bearing.
, Not Selected
Correct answer:
Residual risk measures the amount of risk a company is bearing while inherent risk does not necessarily
measure the risk a company is bearing.
Residual risk involves risk avoidance and risk sharing strategies while inherent risk involves risk
mitigation strategies.
, Not Selected
Residual risk and inherent risk are the same things.
, Not Selected
Results for item 73.
73
0 / 1 point
Which of the following statements is true concerning cost-benefit analysis with respect to
Enterprise Risk Management (ERM)?
Incorrect answer:

Cost-benefit analysis is not appropriate within ERM since reducing risk should always be done regardless
of the cost involved.
Correct Answer:
Costs and benefits of possible actions within ERM can be stated quantitatively or qualitatively to
be used in cost-benefit analysis.
The costs and benefits of possible actions within ERM must be quantifiable to be used in cost-benefit
analysis.
, Not Selected
Costs and benefits of possible actions within ERM can be stated quantitatively or qualitatively to be used
in cost-benefit analysis.
, Not Selected
Cost-benefit analysis is not appropriate within ERM since it is not possible to estimate the benefits of
reduced risk.
, Not Selected
Results for item 74.
74
0 / 1 point
Which of the following situations best describes business risk?
Incorrect answer:
Interest payments increasing due to lower rate debt that is expiring being replaced by higher rate debt
Correct Answer:
Expenses being higher than budgeted due to unexpected shortages
Expenses being higher than budgeted due to unexpected shortages
, Not Selected
The loss of delivery trucks due to a fire at the storage facility
, Not Selected
Higher tax payments due to the elimination of deductions
, Not Selected
Results for item 75.
75
1 / 1 point
The controller of Southern Iron Works has been asked by the president to propose an enterprise
risk management program and to identify how the program would fit in the company’s reporting
structure. Which statement below represents the best reporting structure that the controller
should propose to the president?
An enterprise risk management function that reports to the board of directors with a dotted line to the
internal audit department.
, Not Selected
An enterprise risk management function that reports to the chief risk officer with a dotted line to the CEO.
, Not Selected
Correct answer:
An enterprise risk management function that reports to the CEO with a dotted line to the board of
directors.
An enterprise risk management function that reports to the internal audit department with a dotted line to
the chief risk officer.
, Not Selected
Results for item 76.
76
0 / 1 point
The OTF Company operates a line of business that is politically sensitive. Which of the following
actions taken by OTF is an example of risk avoidance?
Incorrect answer:
Increasing the percentage of revenue generated by a politically sensitive line of business
Correct Answer:
Selling off the politically sensitive line of business
Hiring a public-relations firm to monitor and react to situations that impact a politically sensitive line of
business
, Not Selected
Operating a politically sensitive line of business as a joint venture with a partner
, Not Selected
Selling off the politically sensitive line of business
, Not Selected
Results for item 77.
77
1 / 1 point
Organizations face several types of risk in pursuit of their strategic objectives. The risk that the
treasury function will fail to adequately reconcile the organization’s bank statements is an
example of
Strategic risk
, Not Selected
Financial risk
, Not Selected
Correct answer:
Operational risk
Hazard risk
, Not Selected
Results for item 78.
78
0 / 1 point
Which of the following actions is least likely to reduce a company's exposure to fluctuating
prices for a material used in one of its products?
Incorrect answer:
Signing a long-term contract with a supplier guaranteeing a given amount of raw materials at a stated
price
Correct Answer:
Producing the product in two facilities rather than in just one facility
Training employees so that less material is wasted in the production process
, Not Selected
Using a different material in the product
, Not Selected
Producing the product in two facilities rather than in just one facility
, Not Selected
Results for item 79.
79
1 / 1 point
Which of the following decreases the risk of a project?
The estimated time to relocate employees to the location of a project increases from two weeks to four
weeks.
, Not Selected
Correct answer:
The estimated time to obtain environmental approval for a construction project decreases from 12 months
to 6 months.
The estimated time to de-bug a computer application increases from four months to six months.
, Not Selected
The estimated time to receive approval from the Justice Department for a merger increases from 6 months
to 9 months.
, Not Selected
Results for item 80.
80
0 / 1 point
When implementing an enterprise risk management process, what step should an organization
take first?
Control previously identified risks.
, Not Selected
Incorrect answer:
Monitor and communicate results.
Correct Answer:
Establish its strategy and objectives.
Establish its strategy and objectives.
, Not Selected
Establish a risk management budget.
, Not Selected
Results for item 81.
81
1 / 1 point
The risk management tactic where the organization classifies its risks into different levels, often
with visual representation, is a(n):
Correct answer:
Risk map
Insurance policy
, Not Selected
Value at Risk (VaR) analysis.
, Not Selected
Risk ranking
, Not Selected
Results for item 82.
82
0 / 1 point
Which of the following statements about Value at Risk (VaR) is correct?
VaR is a quantitative risk assessment tool.
, Not Selected
Incorrect answer:
VaR cannot be calculated using Monte Carlo simulation.
Correct Answer:
VaR is a quantitative risk assessment tool.
VaR measures historical or retrospective risk rather than future or prospective risk.
, Not Selected
VaR can be measured only in terms of cash flow at risk.
, Not Selected
Results for item 83.
83
1 / 1 point
According to COSO, which of the following has day-to-day responsibility for enterprise risk
management?
Correct answer:
Management
Internal auditors
, Not Selected
External auditors
, Not Selected
The board of directors
, Not Selected
Results for item 84.
84
1 / 1 point
Which of the following is an example of the event inventories technique of identifying events
within an Enterprise Risk Management (ERM) approach to risk management?
Correct answer:

A company considering extending credit to customers consults a list of events related to selling on credit
developed by an industry group.

Creating and analyzing process maps related to granting credit


, Not Selected
Monitoring a customer's account for late payments
, Not Selected

Analysis of past accounts receivable default rates based on customer size


, Not Selected
Results for item 85.
85
1 / 1 point
A corporation has established a risk management process to help it create, protect, and
enhance shareholder value. Which of the following reflects the best order for that risk process?
Event identification, objective setting, risk assessment, risk response.
, Not Selected
Risk assessment, objective setting, event identification, risk response.
, Not Selected
Correct answer:
Objective setting, event identification, risk assessment, risk response.
Risk assessment, risk response, objective setting, event identification.
, Not Selected
Results for item 86.
86
1 / 1 point
A landlord owns an office building in a major floodplain. The landlord has decided to sell the
building to a group of investors. The landlord has adopted a risk strategy of
Risk exploitation
, Not Selected
Risk transfer
, Not Selected
Risk reduction
, Not Selected
Correct answer:
Risk avoidance
Results for item 87.
87
1 / 1 point
The components of enterprise risk management (ERM) should be present and functioning.
What does “present” mean?

I. Components exist in the design of ERM.
II. Components exist in the implementation of ERM.
III. Components continue to operate to achieve strategy and business objectives.

Correct answer:
I and II
I only
, Not Selected
I, II, and III
, Not Selected
II only
, Not Selected
Results for item 88.
88
1 / 1 point
A company wants to be “best in class” in terms of enterprise risk management (ERM)
implementation. To achieve this goal, the company plans to identify events that affect the
implementation of strategy and achievement of objectives. Which of the following best reflects
an analysis that would help its identification process?
Analysis of default histories and dispersion.
, Not Selected
Correct answer:
Review of incidents and new market conditions.
Review of accidents and operational measures.
, Not Selected
Summary of driving records and age.
, Not Selected
Results for item 89.
89
1 / 1 point
The CFO at a manufacturer of computer equipment learned last week that the accounting
department has not completed any bank reconciliations for the last 6 months due to the
implementation of a new accounting software package. What type of risk has been identified?
Correct answer:
Operational risk
Financial risk
, Not Selected
Hazard risk
, Not Selected
Strategic risk
, Not Selected
Results for item 90.
90
1 / 1 point
An entity defines its risk appetite in which component of the COSO ERM framework?
Control environment
, Not Selected
Performance.
, Not Selected
Governance and culture.
, Not Selected
Correct answer:
Strategy and objective-setting.
Results for item 91.
91
1 / 1 point
A new apartment building was almost complete. There were a few inspections left to pass, and
they did not have a certificate of occupancy. However, the owner felt that they were close
enough that he allowed new tenants to begin moving in. The risk that the owner has created in
this situation is best described as
Operational risk because the remaining inspections could determine that the building is uninhabitable.
, Not Selected
Strategic risk because the remaining inspections could determine that the building is uninhabitable.
, Not Selected
Strategic risk because the owner was not in compliance with laws and regulations.
, Not Selected
Correct answer:
Operational risk because the owner was not in compliance with laws and regulations.
Results for item 92.
92
1 / 1 point
Which of the following is a true statement about capital adequacy?
Liquidity involves the ability to meet long-term obligations as they become due, solvency involves the
ability to pay for day-to-day operating expenses, and reserves involve the amount a bank must have on
hand to pay depositors.

, Not Selected
Liquidity involves the amount a bank must have on hand to pay depositors, reserves involve the ability to
pay for day-to-day operating expenses, and
solvency involves the ability to meet long-term obligations as they become due.

, Not Selected
Liquidity involves the ability to pay for day-to-day operating expenses, reserves involve the ability to
meet long-term obligations as they become due, and solvency involves the amount a bank must have on
hand to pay depositors.

, Not Selected
Correct answer:
Liquidity involves the ability to pay for day-to-day operating expenses, solvency involves the ability to
meet long-term obligations as they become due, and reserves involve the amount a bank must have on
hand to pay depositors.
Results for item 93.
93
1 / 1 point
Enterprise Risk Management (ERM) is closely aligned with corporate governance because it
Identifies and isolates the silos in which risk exists.
, Not Selected
Correct answer:
Identifies which of the organizations’ objectives is at greatest risk.
Reduces the level of acceptable risks to be taken.
, Not Selected
Focuses management’s attention on the risks mitigated.
, Not Selected
Results for item 94.
94
0 / 1 point
A German clothing retailer sells its products mainly online to customers worldwide. Company
management believes that its primary risk relates to problems with its online website. A
secondary risk is exchange rate volatility. Which one of the following best categorizes the
company’s primary risk and secondary risk?
Operational risk, financial risk.
, Not Selected
Strategic risk, financial risk.
, Not Selected
Incorrect answer:
Hazard risk, operational risk.
Correct Answer:
Operational risk, financial risk.
Operational risk, hazard risk.
, Not Selected
Results for item 95.
95
1 / 1 point
The underlying premise of the COSO ERM framework is that every organization exists to
Identify and manage risks.
, Not Selected
Maximize profits.
, Not Selected
Correct answer:
Provide value for its stakeholders.
Achieve strategy and business objectives.
, Not Selected
Results for item 96.
96
1 / 1 point
Which of the following concerning qualitative risk assessment tools is correct?
Correct answer:
Risk identification, risk ranking, and risk mapping are qualitative risk assessment tools.
Risks should only be assessed quantitatively.
, Not Selected
An organization usually uses quantitative risk assessment tools at the start of the risk assessment process
and qualitative tools at the end of the process.

, Not Selected
Qualitative risk assessment tools include Value at Risk (VaR) analysis and earnings distributions analysis.
, Not Selected
Results for item 97.
97
1 / 1 point
A company that prides itself on its innovation revised an existing popular brand without
conducting sufficient market research. By taking this action, the company exposed itself to what
types of risk?
Correct answer:
Strategic risk and operational risk.
Hazard risk and credit risk.
, Not Selected
Credit risk and strategic risk.
, Not Selected
Operational risk and hazard risk.
, Not Selected
Results for item 98.
98
0 / 1 point
The ABC Company is assessing the potential loss from a data breach. The following table lists
three possible scenarios, the expected loss under each scenario, and the likelihood of each
scenario.

Scenario      Expected Loss   Likelihood
Minor         $100,000        80%
Moderate      $400,000        15%
Significant   $1,900,000      5%

If ABC actually experiences a loss of $400,000 from this data breach, what is the unexpected
loss from the breach?
Incorrect answer:
$400,000
Correct Answer:
$165,000
$1,665,000
, Not Selected
$165,000
, Not Selected
$235,000
, Not Selected
Results for item 99.
99
1 / 1 point
Which of the following is most correct concerning portfolio management in an Enterprise Risk
Management (ERM) program?
Portfolio management in an ERM context involves managing investments in current assets such as cash
and inventory.
, Not Selected
Correct answer:
Portfolio management in an ERM context involves managing investments in current assets such as cash
and inventory and managing investments in long-term assets such as property, plant, and equipment.
Portfolio management in an ERM context involves managing investments in long-term assets such as
property, plant, and equipment.
, Not Selected
Portfolio management is not related to ERM since portfolio management concerns investments in
securities like stocks and bonds.
, Not Selected
Results for item 100.
100
0 / 1 point
Which of the following is an example of an operational risk?

Receiving fewer dollars on a sale denominated in a foreign currency due to exchange rate changes
, Not Selected
An employee accidentally emailing salary data throughout the company
, Not Selected
A delivery truck getting into an accident and destroying products
, Not Selected
Incorrect answer:
A firearms manufacturer losing business when many candidates hostile to firearms are elected
Correct Answer:
An employee accidentally emailing salary data throughout the company
Results for item 101.
101
1 / 1 point
An organization would like to quantify the expected loss that may occur from two events. A
systems analyst estimates that the potential monetary loss from unauthorized alteration of
confidential information in the product development database could be $2,000,000 and has a
5% likelihood of occurrence. In addition, there is a maximum potential loss of $5,000,000 with a
1% likelihood of occurrence if the entire computer lab is destroyed by fire. The total expected
loss of these events is
$100,000
, Not Selected
$50,000
, Not Selected
$0
, Not Selected
Correct answer:
$150,000
Results for item 102.
102
0 / 1 point
Which statement below best indicates the order of the risk components that should be
implemented in a new Enterprise Risk Management program?
Set risk management strategy and objectives, identify risks, and assess risks.
, Not Selected
Communicate and monitor risks, identify risks, and treat risks.
, Not Selected
Control risks, set risk management strategy and objectives, and monitor risks.
, Not Selected
Incorrect answer:
Assess risks, control risks, and treat risks.
Correct Answer:
Set risk management strategy and objectives, identify risks, and assess risks.
Results for item 103.
103
0 / 1 point
Which of the following is a way a company can practice risk transfer?
Ending a contract with a supplier suspected of using child labor in a foreign country
, Not Selected
Decreasing the target percentage of sales coming from high-risk, high-return products
, Not Selected
Incorrect answer:
Doubling the number of times a product is inspected before it is delivered to a customer
Correct Answer:
Forming a joint venture to manage the development and sale of a risky product
Forming a joint venture to manage the development and sale of a risky product
, Not Selected
Results for item 104.
104
0 / 1 point
What is not a goal of risk management?
Reducing surprises and losses.
, Not Selected
Seizing opportunities.
, Not Selected
Reducing cash reserves.
, Not Selected
Incorrect answer:
Improving capital deployment.
Correct Answer:
Reducing cash reserves.
Results for item 105.
105
1 / 1 point
A company sells medical devices used in cardiac surgery. All its products after packaging are
sent out for gamma irradiation for sterilization. While conducting an enterprise risk management
evaluation, the company’s CFO determined that the company faced an operational risk from
having only one supplier for this service. There were additional concerns that the company
faced the risk that gamma irradiation could be subject to adverse regulatory or consumer
perception changes. The CFO started the processes of qualifying another vendor to supply
gamma irradiation services to minimize the supplier risk. The remaining risk is best described as
Political risk
, Not Selected
Open supplier risk
, Not Selected
Correct answer:
Residual risk
Inherent risk
, Not Selected
Results for item 106.
106
1 / 1 point
Which of the following actions is least likely to mitigate the risk of loss due to damage to a
manufacturing facility located near a river?
Correct answer:
Moving the production of one product out of the facility and moving the production of another product
into the facility
Taking out a flood insurance policy on the facility
, Not Selected
Reducing the amount of manufacturing work done at the facility
, Not Selected
Moving the facility to a different location away from any bodies of water
, Not Selected
Results for item 107.
107
1 / 1 point
The Andrew Company is assessing the potential loss from a computer virus. The following table
lists three possible scenarios, the expected loss under each scenario, and the likelihood of
each scenario.

Scenario      Expected Loss   Likelihood
Minor         $50,000         50%
Moderate      $150,000        35%
Significant   $1,000,000      15%

Based on this information, what is the expected loss from this computer virus?
$1,000,000
, Not Selected
$50,000
, Not Selected
Correct answer:
$227,500
$400,000
, Not Selected
Results for item 108.
108
0 / 1 point
Company management completes event identification and assesses the severity of risk.
Management then acts to alter the severity of risk. According to COSO, which of the following
types of risk does this situation represent?
Actual residual risk
, Not Selected
Inherent risk
, Not Selected
Incorrect answer:
Detection risk
Correct Answer:
Actual residual risk
Event risk
, Not Selected
Results for item 109.
109
0 / 1 point
Which of the following actions is an example of risk mitigation?
A company borrows money and uses the proceeds to retire equity
, Not Selected
Incorrect answer:
A pharmaceutical company decides to create a joint venture with a partner to launch a risky product
Correct Answer:
A company reduces the check amount requiring two signatures from $10,000 to $5,000
A company reduces the check amount requiring two signatures from $10,000 to $5,000
, Not Selected
A company stops accepting foreign currency as payment for sales
, Not Selected
Results for item 110.
110
1 / 1 point
A farmers’ cooperative has a large amount of grain that it has gathered from its members and
has stored in silos. Prices for grain are high, but none of the cooperative’s customers is
prepared to purchase any for the next 3 months. In order to hedge against an unfavorable
change in grain prices over the next 3 months, the cooperative will employ a financial risk
management technique known as a
Naked option
, Not Selected
Long hedge
, Not Selected
Correct answer:
Short hedge
Interest rate swap
