Quiz-summary
0 of 10 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
Information
Managing Operational Risk in Financial Institutions
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 10 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- Answered
- Review
-
Question 1 of 10
1. Question
What are the major areas you will consider when identifying product opportunities except one?
Correct
Successfully identifying a Product Opportunity Gap is a combination of art and science. It requires a constant sweep of a number of factors in three major areas: Social trends, Economic forces, and Technological advancement.
Incorrect
Successfully identifying a Product Opportunity Gap is a combination of art and science. It requires a constant sweep of a number of factors in three major areas: Social trends, Economic forces, and Technological advancement.
-
Question 2 of 10
2. Question
Fraud can be generally characterized as an intentional act, misstatement, or omission designed to deceive others, resulting in the victim suffering a loss or the perpetrator achieving again. What categories of fraud could a company fall victim to? (Select all that applies)
Correct
Fraud schemes are often ongoing crimes that can go undetected for months or even years and can be time-consuming and costly to address. It is often difficult to fully understand and quantify the extent of the fraud and the harm caused. Measuring losses associated with fraud is often an inexact process. Typically, the true cost of fraud is greater than the direct financial loss, given the time and expense to investigate, loss of productivity, potential legal and compliance costs associated with remediation, and impact on a bank’s reputation.
Incorrect
Fraud schemes are often ongoing crimes that can go undetected for months or even years and can be time-consuming and costly to address. It is often difficult to fully understand and quantify the extent of the fraud and the harm caused. Measuring losses associated with fraud is often an inexact process. Typically, the true cost of fraud is greater than the direct financial loss, given the time and expense to investigate, loss of productivity, potential legal and compliance costs associated with remediation, and impact on a bank’s reputation.
-
Question 3 of 10
3. Question
Detective controls are important because even with strong governance and oversight, collusion or circumvention of internal controls can allow fraud to occur. Preventive controls are designed to deter fraud or minimize its likelihood. The following are some examples of preventive control? (Select all that applies)
Correct
Bank management should periodically assess the likelihood and impact of potential fraud schemes and use the documented results of this assessment to inform the design of the bank’s risk management system and evaluate fraud control activities. Policies should clearly define, establish, and communicate the board’s and senior management’s commitment to fraud risk management. Processes should be designed to anticipate fraud and deploy a combination of preventive controls and detective controls.
Incorrect
Bank management should periodically assess the likelihood and impact of potential fraud schemes and use the documented results of this assessment to inform the design of the bank’s risk management system and evaluate fraud control activities. Policies should clearly define, establish, and communicate the board’s and senior management’s commitment to fraud risk management. Processes should be designed to anticipate fraud and deploy a combination of preventive controls and detective controls.
-
Question 4 of 10
4. Question
What detective controls are designed to identify and respond to fraud after it has occurred? (Select all that applies)
Correct
The Detective controls that are designed to identify and respond to fraud after it has occurred are: Models, monitoring systems, or reports designed to detect fraudulent activity across all lines of business and functions (e.g., exception reports, unusual card activity, unauthorized transactions, file maintenance reports, fee waiver analysis, and employee surveillance processes [account monitoring, system access patterns, and overrides]) and Data analytics (e.g., loss data analysis, transactions, fee waivers, interest is forgiven, charge-offs, errors, and consumer complaint data)
Incorrect
The Detective controls that are designed to identify and respond to fraud after it has occurred are: Models, monitoring systems, or reports designed to detect fraudulent activity across all lines of business and functions (e.g., exception reports, unusual card activity, unauthorized transactions, file maintenance reports, fee waiver analysis, and employee surveillance processes [account monitoring, system access patterns, and overrides]) and Data analytics (e.g., loss data analysis, transactions, fee waivers, interest is forgiven, charge-offs, errors, and consumer complaint data)
-
Question 5 of 10
5. Question
What are the possible consequences of not being proactive in implementing risk management practices in business? (Select all that applies)
Correct
Customers are what keeps the lights on at any organization. If there is dissatisfaction for any reason, they will pick up and move their business to a competitor, and they are likely to be vocal about the situation on social media. This consequence of ignoring risk management is similar to customer dissatisfaction, but its impact is more significant since it usually involves nefarious activities within an organization instead of a mere mishap.
Incorrect
Customers are what keeps the lights on at any organization. If there is dissatisfaction for any reason, they will pick up and move their business to a competitor, and they are likely to be vocal about the situation on social media. This consequence of ignoring risk management is similar to customer dissatisfaction, but its impact is more significant since it usually involves nefarious activities within an organization instead of a mere mishap.
-
Question 6 of 10
6. Question
An organizations policy regarding information security governance should recognize the following except?
Correct
Information security governance encompasses all business assets, as well as their risk and threats, including information, processes, people, services, IT, and reputation. Thus, information security governance involves a risk management process, which includes IT risks, human resource risks and so on. So, from the point of risk, information security governance has a greater scope than IT governance and its line of reporting is direct to the company board of directors and stakeholders.
Incorrect
Information security governance encompasses all business assets, as well as their risk and threats, including information, processes, people, services, IT, and reputation. Thus, information security governance involves a risk management process, which includes IT risks, human resource risks and so on. So, from the point of risk, information security governance has a greater scope than IT governance and its line of reporting is direct to the company board of directors and stakeholders.
-
Question 7 of 10
7. Question
Which of the following options define Liquidity risk?
Correct
Liquidity risk arises from situations in which a party interested in trading an asset cannot do it because nobody in the market wants to trade for that asset. Liquidity risk becomes particularly important to parties who are about to hold or currently hold an asset since it affects their ability to trade.
Incorrect
Liquidity risk arises from situations in which a party interested in trading an asset cannot do it because nobody in the market wants to trade for that asset. Liquidity risk becomes particularly important to parties who are about to hold or currently hold an asset since it affects their ability to trade.
-
Question 8 of 10
8. Question
You have just been employed as the Enterprise Risk Manager in Bleu Ciel company ltd, you were given the organizations risk information, Risk Tolerance and its tolerance threshold. In analysing the risks that exceed the risk tolerance, which of the following questions will you consider? (Select all that applies)
Correct
Risks that exceed the Risk Tolerance and can be reduced further will require resources (money, people, and/or time), sometimes at a level that a business unit cannot easily absorb losses without impacting other activities. Working with the responsible business units to prioritize those identified risks for action brings clarity to the exercise.
Incorrect
Risks that exceed the Risk Tolerance and can be reduced further will require resources (money, people, and/or time), sometimes at a level that a business unit cannot easily absorb losses without impacting other activities. Working with the responsible business units to prioritize those identified risks for action brings clarity to the exercise.
-
Question 9 of 10
9. Question
The following are the three lines of defence with respect to the organisational structures for the management of operational risk except one?
Correct
The first line of defence is risk management within the front office, which is the primary source of income in banks. So, for example, in case of credit, those who make lending decisions should be responsible for lending prudently; The second line of defence includes support functions, such as compliance, legal, human resources (HR), and especially the central risk management organisation, and
The third line of defence is an internal audit, which focuses on the observation and evaluation of the effectiveness of risk management as well as other conduct within the business (internal audit reports primarily to the audit committee, but to the risk committee on compliance with risk controls).Incorrect
The first line of defence is risk management within the front office, which is the primary source of income in banks. So, for example, in case of credit, those who make lending decisions should be responsible for lending prudently; The second line of defence includes support functions, such as compliance, legal, human resources (HR), and especially the central risk management organisation, and
The third line of defence is an internal audit, which focuses on the observation and evaluation of the effectiveness of risk management as well as other conduct within the business (internal audit reports primarily to the audit committee, but to the risk committee on compliance with risk controls). -
Question 10 of 10
10. Question
What fundamental issues should be considered by directors in order to ensure that internal audit maximises its contribution to good governance? (Select all that applies)
Correct
Before considering the detailed recommendations of this guidance, it is important to stress the four fundamental issues that should be considered by directors in order to ensure that internal audit maximises its contribution to good governance:
Internal audit should have a functional reporting line to the board or one of its committees, making it independent of the executive, able to make objective judgements and giving it the authority to conduct its work across the whole organisation without constraint. To work effectively it also needs a close relationship with the Chief Executive and should have access to management information going to the executive committee and board.Internal audit must be properly resourced, including ensuring a consistently high level of professionalism and quality based on the International Standards, plus appropriate knowledge, skills and experience.
Internal audit should use a risk-based approach in developing and executing the internal audit plan in order to focus on the greatest threats to the organisation.
Internal audit’s scope should be unrestricted, including all areas of risk – such as key corporate events, culture and ethics, reputation, new products and the outcomes of processes. The following recommendations for directors are consistent with the globally recognised International Standards.
Incorrect
Before considering the detailed recommendations of this guidance, it is important to stress the four fundamental issues that should be considered by directors in order to ensure that internal audit maximises its contribution to good governance:
Internal audit should have a functional reporting line to the board or one of its committees, making it independent of the executive, able to make objective judgements and giving it the authority to conduct its work across the whole organisation without constraint. To work effectively it also needs a close relationship with the Chief Executive and should have access to management information going to the executive committee and board.Internal audit must be properly resourced, including ensuring a consistently high level of professionalism and quality based on the International Standards, plus appropriate knowledge, skills and experience.
Internal audit should use a risk-based approach in developing and executing the internal audit plan in order to focus on the greatest threats to the organisation.
Internal audit’s scope should be unrestricted, including all areas of risk – such as key corporate events, culture and ethics, reputation, new products and the outcomes of processes. The following recommendations for directors are consistent with the globally recognised International Standards.