Question 1

Who ensures the involvement of the board in major decisions in an enterprise?

Options :

A : CEO

B : CFO

C : Executive committee

D : COO

Answer: C

Question 2

What does risk analysis assess in the context of risk scenario development?

Options :

A : The detectability and reactiveness of the enterprise

B : The frequency and impact of identified scenarios

C : The development of relevant and manageable risk scenarios

D : The identification of systemic and contagious risks

Answer: B

Question 3

Which activity is commonly linked with analyzing Information and Technology (I&T) related risks?

Options :

A : Estimating the frequency and impact of I&T-related risk scenarios.

B : Identifying potential vulnerabilities within the I&T infrastructure and systems.

C : Documenting IT controls that mitigate similar risk types.

D : Cataloging I&T-related risk scenarios.

Answer: A

Question 4

What is the primary focus of I&T risk scenarios?

Options :

A : To describe potential IT-related events and their business impacts

B : To conduct interviews with potential pitfalls

C : To analyze financial assets and their potential risks

D : To identify potential threats and vulnerabilities

Answer: A

Question 5

What is a benefit of using the top-down approach in enterprise risk management?

Options :

A : Focusing on hypothetical situations envisioned by the people performing job functions

B : Identifying and analyzing risk events specific to individual enterprise situations

C : Developing concrete, customized scenarios based on enterprise context

D : Easier to achieve management buy-in even if management is not interested in IT

Answer: D