Question No. 1

Organizational information systems, information flows, and formal and informal decision-making processes are all a part of establishing which type of context in regard to the organization?

AExternal

BTechnological

CLocal

DInternal

Show Answer

Correct Answer: D

According to ISO31000 (2018), clause 5., establishing the context involves defining ''the external and internal parameters to be taken into account when managing risk''. The internal context includes ''information systems, information flows and decision-making processes'' among other factors.

Question No. 2

What is typically the day-to-day responsibility of a Chief Risk Officer within a large organisation?

AEnsuring that all key risks are adequately managed and reported.

BPreparing and maintaining individual insurance arrangements

CProducing policies on compliance matters

DProviding assurance that individual risk management processes are effective.

Show Answer

Correct Answer: A

The day-to-day responsibility of a Chief Risk Officer within a large organisation is to ensure that all key risks are adequately managed and reported4. This involves overseeing the implementation of risk management policies, processes and systems across the organisation.

Question No. 3

Which of the following statements about captive insurance companies are correct?

1. A captive cannot act as a reinsurer.

2. A captive can access reinsurance markets.

3. A captive can sometimes offer greater cover than is available in the insurance market.

4. A captive must be located in the same country as its parent company.

A1 and 4.

B1 and 2.

C2 and 3.

Show Answer

Correct Answer: C

According to3, a captive insurance company is ''a wholly owned subsidiary insurer that provides risk mitigation services for its parent company or related entities''.It can act as a reinsurer by accepting risks from other insurers or captives1.It can also access reinsurance markets to transfer some of its own risks1.It can sometimes offer greater cover than is available in the insurance market by tailoring its policies to suit its parent's needs3.It does not have to be located in the same country as its parent company; in fact, many captives are domiciled offshore for tax or regulatory reasons4.

Question No. 4

Risk management is a strategic management process.

ATrue

BFalse

Show Answer

Correct Answer: A

Risk management is a strategic management process2. Risk management helps organizations to align their objectives, strategies, and actions with their external and internal environment.

Question No. 5

Risk management as defined by OCEG GRC model is:

ACapability to set and evaluate performance against objectives

BCapability to proactively identify, assess and address uncertainty and potential obstacles to achieving objectives

CCapability to proactively encourage and ensure compliance with established policies and boundaries

Show Answer

Correct Answer: B

According to1, OCEG GRC model is ''a framework for integrating governance, risk management, compliance and ethics/culture into a single capability''.It defines risk management as ''the capability that enables an organization to understand how uncertainty affects its ability to achieve objectives''2.

Free GAQM ISO-31000-CLA Exam Actual Questions

The questions for ISO-31000-CLA were last updated On Jan 19, 2025