Risk Management

Question 1

What is the fundamental process of Risk Management?

Answer 1

• Identification
• Analysis
• Treatment
• Monitoring
• Reporting

This process involves recognizing and addressing risks that may hinder objectives.

Question 2

What are the steps in the Risk Management Lifecycle?

Answer 2

• Risk Identification
• Risk Analysis
• Risk Treatment
• Risk Monitoring
• Risk Reporting

Each step plays a crucial role in managing risks effectively.

Question 3

What is the goal of Risk Identification?

Answer 3

Create a comprehensive list based on events hindering objectives

It is a proactive process recognizing potential risks.

Question 4

What does Risk Analysis evaluate?

Answer 4

• Likelihood
• Potential impact

It can use qualitative or quantitative methods to prioritize risks.

Question 5

What are the strategies involved in Risk Treatment?

Answer 5

• Avoidance
• Reduction
• Sharing
• Acceptance

Strategy choice is based on potential impact and risk tolerance.

Question 6

What is the purpose of Risk Monitoring?

Answer 6

Ongoing process tracking identified risks

It ensures dynamic responsiveness to organizational changes.

Question 7

What is the significance of Risk Reporting?

Answer 7

Communicate risk information and effectiveness of risk management to stakeholders

It is crucial for accountability and informed decision-making.

Question 8

What are the types of Risk Assessment Frequency?

Answer 8

• Ad-hoc
• Recurring
• One-time
• Continuous

Frequency varies based on organization nature and types of risks involved.

Question 9

What is the Business Impact Analysis (BIA)?

Answer 9

• Evaluates effects of disruptions on business functions
• Identifies and prioritizes critical functions
• Assesses impact of risks on functions
• Determines required recovery time for functions

Key metrics include Recovery Time Objective (RTO) and Recovery Point Objective (RPO).

Question 10

What does a Risk Register record?

Answer 10

• Identified risks
• Descriptions
• Impacts
• Likelihoods
• Mitigation actions

It is a key tool in risk management facilitating communication and risk tracking.

Question 11

Define Risk Tolerance/Risk Acceptance.

Answer 11

Willingness to deal with uncertainty in pursuit of goals

It represents the maximum amount of risk an organization is willing to accept.

Question 12

What are the four primary risk management strategies?

Answer 12

• Risk Transference
• Risk Acceptance
• Risk Avoidance
• Risk Mitigation

Each strategy addresses risk in different ways.

Question 13

What is Qualitative Risk Analysis?

Answer 13

Assesses risks based on potential impact and likelihood

It categorizes risks as high, medium, or low and relies on expertise.

Question 14

What does Quantitative Risk Analysis provide?

Answer 14

Objective and numerical evaluation of risks

It is used for financial, safety, and scheduling decisions.

Question 15

What is the Annualized Loss Expectancy (ALE)?

Answer 15

Expected annual loss from a risk

Calculated as Single Loss Expectancy (SLE) x Annualized Rate of Occurrence (ARO).

Question 16

What is the purpose of Risk Monitoring and Reporting?

Answer 16

• Tracking identified risks
• Monitoring residual risks
• Identifying new risks
• Evaluating risk response plans

It helps determine Residual Risk and Control Risk.

Question 17

What does Residual Risk refer to?

Answer 17

Likelihood and impact of the risk after mitigation, transference, or acceptance measures

It assesses the remaining risk after actions have been taken.