Introduction to Risk Management and MCQ

Chapter 1 Introduction to Enterprise Risk Management

1) A Pure Risk is defined as:
A) an event that offer no opportunity for financial gain
B) the chance a loss will occur
C) a diversifiable risk
D) a contingency that increases the chance of a loss
Answer: A

2) All the following are direct losses except:

A) a car is stolen
B) a house suffers flood damage
C) an apartment must be rented after a house is destroyed by fire
D) a business loses $100,000 in a law suit
Answer: C

3) All the following are direct losses except:

A) a house is burglarized
B) a store loses $200,000 in sales because a fire closes it down for two weeks
C) a corporation must pay $1 million in ransom when its CEO is kidnapped
D) an delivery truck needs $15,000 in repairs after a collision
Answer: B

4) Which of the following is not an example of a Catastrophic Loss Event?

A) Hurricane Katrina
B) Death of Michael Jackson
C) September 11, 2001 terror attacks
D) 2004 Tsunami in the Indian Ocean
Answer: B
5) Which of the following is not a method of protection of risk?
A) Group insurance plans
B) Employee benefits
C) Social insurance
D) Humanitarian aid Answer: D
6) Defective electrical wiring that may lead to a fire is an example of a:
A) pure risk
B) non-diversifiable risk
C) speculative risk
D) physical hazard
Answer: D
7) Risk Pooling is an example of:
A) a Catastrophic Loss Event
B) diversifying risk
C) a speculate risk
D) applying the risk-return trade-off
Answer: B
8) Which of the following is a false statement?
A) Risk averse people will pay an insurance premium that is greater than the
mathematically fair chance of loss in order to relieve themselves of uncertainty.
B) A risk seeker is willing to assume risk.
C) The mathematically fair price for insurance is the objective risk for the insurer
multiplied by the maximum possible loss.
D) Insurance is never a mathematically fair trade because the insurer adds several
operating and other costs to loss costs when it calculates the premium.
Answer: D

9) Which of the following is not a hazard?

A) Storing one ton of dynamite in a garage
B) Bad diet (eating lots of junk food)
C) Skating on thin ice
D) Getting shot accidentally while deer hunting
Answer: D
10) The correct order of the steps in the Risk Management Process is:
A) Establish Goals, Identify Potential Loss Exposure, Measure Potential Loss
Exposure, Choose Risk Handling Techniques, Implement Techniques and Monitor
Effectiveness
B) Establish Goals, Choose Risk Handling Techniques, Identify Potential Loss
Exposure, Measure Potential Loss Exposure, Implement Techniques and Monitor
Effectiveness
C) Establish Goals, Choose Risk Handling Techniques, Measure Potential Loss
Exposure, Identify Potential Loss Exposure, Implement Techniques and Monitor
Effectiveness
D) Establish Goals, Measure Potential Loss Exposure, Identify Potential Loss
Exposure, Choose Risk Handling Techniques, Implement Techniques and Monitor
Effectiveness
Answer: A

11) Assume that 1000 students, all healthy, all age 22, and all male, form a life
insurance pool to pay $500 to the beneficiaries of any member who dies in the next
365 days. The chance of loss or probability of death for the members of this group is
.002. To join the pool a member must pay: (Disregard interest earnings and reserves
and assume expenses of operating the insurance pool are 30% of losses).
A) $1
B) $1.30
C) $3
D) $2.28
Answer: B
Diff: 3

12) Which of the following is not a type of risk when identifying a pure risk?
A) Retention Risk
B) Property Risk
C) Liability Risk
D) Human Resource Risk
Answer: A

13) Which of the following is a true statement?

A) Liability risks are risks associated with building calamities.
B) Theft is a diversifiable risk.
C) Most individuals in the industrialized countries carry no insurance.
D) The Law of Large Numbers is used in Risk Pooling.
Answer: D
14) Loss Transfer means:
A) shifting the financial consequences of a loss to a third party
B) shifting the financial consequences of a loss to a self-insurance program
C) shifting the financial consequences of a loss to a well-diversified portfolio
D) shifting the financial consequences of a loss to more wealthy group of people
Answer: A
Diff: 2

15) Which of the following is not a risk handling technique?

A) Loss control
B) Loss diversification
C) Loss transfer
D) Loss financing
Answer: B
16) Which of the following potential losses is not an example of a pure risk?
A) Loss of a home by fire
B) Theft of a car
C) Loss of $10,000 in the stock market
D) Theft of your wallet containing $100
Answer: C
Diff: 2

17) Enterprise Risk Management:

A) is only applicable to insurance firms
B) is an outdated method of dealing with risk
C) works best when evaluating risks is distinct company silos
D) is a process that examines all risks collectively
Answer: D
Diff: 2

18) Which of the following is not a direct social benefit of the insurance mechanism?
A) Increased business and social stability
B) Better allocation of society's resources
C) Better choice of optimum size of business operations
D) Lower federal and state income taxes
Answer: D
Diff: 2

19) The ideal insurance system:

A) reduces the probability of accidental and fortuitous losses due to increased
predictability
B) requires the transfer of a large number of exposures to loss to a pool, where a
fund exists in advance of losses having to be paid
C) works best when a large proportion of the participants in the pool submits a claim
D) eliminates all hazards
Answer: B
Diff: 2

20) Catastrophic losses are not insured by the private insurance industry because:
A) if a truly catastrophic loss occurs, it can threaten the solvency of the insurer
B) catastrophic losses can result from an individual's moral hazard
C) the federal government wants to insure catastrophic losses
D) the losses require foreign reinsurance companies to operate in the U.S.
Answer: A
Diff: 2
21) Which one of the following losses is an indirect loss?
A) Damage to a car when a tree falls on it
B) Loss caused by an arsonist who burns down a building to collect insurance
proceeds
C) Monetary losses due to the inability to produce and sell goods when a machine is
destroyed
D) Monetary losses due to a legal liability claim
Answer: C
Diff: 2

22) Diversifiable risk is defined as:

A) risk with two possible outcomes
B) risk with three possible outcomes
C) an individual's perception of risk
D) none of the above
Answer: D
Diff: 3

23) Why is a large number of exposure units generally required for a risk to be
insurable?
A) It allows the insurer to accurately predict the aggregate dollar amount of loss.
B) It allows for at least some losses to occur.
C) It reduces speculative risk.
D) It reduces both the speculative risk and pure risk.
Answer: A
Diff: 2

24) Why is a large number of exposure units generally required for a risk to be
insurable?
A) It prevents the insurer from losing money.
B) It guarantees that losses will be unintentional and measurable.
C) It enables the insurer to better predict the frequency and severity of losses
(moderate).
D) It minimizes physical hazards.
Answer: C
Diff: 2

25) Examine the following list of "risks." Determine which of these are "pure risks."
I. The risk that your antique Corvette will depreciate in market value
II. The risk that you will have a collision in your Corvette, thus causing you to spend
thousands of dollars in repair costs
III. The risk that someone will steal your Corvette
IV. The risk that you will buy a house and lightning will strike your roof, thus causing
you to have to purchase a new roof
V. The risk that you will invest your life savings in a business venture that fails, thus
causing you to lose your entire investment
A) I, II, III, IV, and V
B) I, II, and IV
C) I, II, III, and IV
D) II, III, and IV
Answer: D
Diff: 3

26) The law of large numbers states that as the number of exposure units increases:
A) accuracy of predictions should improve
B) the chance of loss declines
C) Speculative risk increases
D) the number of accidents decreases
Answer: A
Diff: 3

27) Which of the following is an accurate definition of "insurance"?

A) A savings account designed to protect you in the event of a rainy day
B) A financial arrangement that redistributes the costs of unexpected losses among a
pool of insureds
C) A communist plot to destroy capitalist enterprise
D) A contractual agreement in which the insurer agrees to pay the insured only if the
insured requests the money
Answer: B
Diff: 2
28) An insurance applicant dying from cancer is not likely to be insured because:
A) the loss is not definite as to time and place
B) the probability of loss varies daily, ultimately reaching 1.0
C) the loss would be catastrophic for the insurer
D) the loss is certain to occur and the price for coverage would be uneconomical
Answer: D
Diff: 2

29) What is the fundamental function of the insurance company—in other words,
what is it the insurance company does that makes the insurance mechanism work?
A) It pools those insureds having similar risks, and predicts the losses that those in
the pool will suffer.
B) It pools any insureds who wish to purchase insurance, and attempts to predict the
losses that those in the pool will suffer.
C) It redistributes government subsidies to those who have suffered catastrophes.
D) It eliminates the process of underwriting in order to sell insurance to as many
people as possible, thus providing insureds with a huge quantity discount.
Answer: A
Diff: 2

30) There are four basic components of an insurance premium. Which of the
following is not one of those components?
A) Losses suffered by the members of the insurance pool
B) Law of large numbers
C) An allowance for unexpected losses
D) Earnings on investments
Answer: B
Diff: 2

31) Enterprise Risk Management is typically described as having the following

characteristics, except:
A) a top-down corporate focus
B) a broad scope of loss exposures
C) a portfolio perspective
D) a loose approach to risk identification, assessment, and treatment
Answer: D
Diff: 1

32) In the context of ERM, hazard risk is defined as:

A) being associated with the strategic direction of a firm
B) being associated with the operations of a firm
C) adverse financial losses associated with diversifiable risks.
D) adverse financial losses associated with pure risks.
Answer: D
Diff: 3

33) In the context of ERM, which of the following is an example of hazard risk?
A) Human Resource losses
B) Property losses
C) Liability losses
D) Supply Chain interruption losses
Answer: D
Diff: 3

34) Arthur is driving home from work when he runs off the road and hits a telephone
pole. These are the losses he suffers: $12,000 to repair the damage to his car, and,
$800 to rent a car while his car is being repaired. What is the correct name for each
of these losses?
A) The $12,000 is an indirect loss, and the $800 is a direct loss.
B) The $12,000 is a direct loss, and the $800 is also a direct loss.
C) The $12,000 is a direct loss, and the $800 is an indirect loss.
D) The total loss of $12,800 is a direct loss.
Answer: C
Diff: 2

35) Which of the following is not an example of a speculative risk?

A) Purchase of an insurance policy
B) Investment in common stocks
C) Operating a business for profit
D) Investment in banana futures
Answer: A
Diff: 1
36) The most difficult and important step in the risk management process generally
is:
A) evaluating risk
B) reviewing the program
C) selecting the best method(s) to handle the risk
D) identifying the risk
Answer: D
Diff: 1

37) A "pure risk" is defined as a situation where there is the possibility:

A) of loss or no change
B) of profit or no change
C) of profit or loss
D) that actual losses will deviate from expected losses
Answer: A
Diff: 2

38) Loss prevention and control:

A) eliminate risk
B) are an alternative to self insurance
C) reduce the probability and severity of loss
D) directly minimize the probability of a natural disaster occurring
Answer: C
Diff: 2

39) Loss prevention is the best risk management tool when the chance of loss is
________ and the potential loss severity is ________.
A) high, high
B) high, low
C) low, low
D) low, high
Answer: B
Diff: 2

40) Risk retention is not a good idea if:

A) the risk is unimportant
B) you did not identify the risk
C) the frequency is so low it almost will never happen
D) the exposure is potentially catastrophic
Answer: D
Diff: 2
41) Which of the following would not normally be identified in the risk management
process?
A) Property exposures
B) Speculative exposures
C) Indirect loss exposures
D) Operations exposures
Answer: B
Diff: 2

42) The primary reason the insurance mechanism functions successfully is the:
A) existence of hazard risks
B) ease with which losses can be measured
C) predictability of losses via the law of large numbers
D) existence of many non-industrial nations
Answer: C
Diff: 2

43) If the chance of loss is high and loss severity is high, generally the most
appropriate risk management tool is:
A) risk transfer
B) risk reduction
C) risk assumption
D) risk avoidance
Answer: D
Diff: 2

44) The Chief Risk Officer is concerned primarily with the management of:
A) operational risks
B) financial risks
C) strategic risks
D) all of the above
Answer: D
Diff: 1

45) Which of the following best describes a pure risk?

A) An uncontrollable risk that cannot be insured
B) The outcome will either be a loss or no change
C) The outcome will be either a loss or a gain
D) A risk with three possible outcomes
Answer: B
Diff: 2
46) When faced with a risk of loss that is low frequency-high severity in nature, a
prudent risk manager would choose which of the following methods for handling the
loss exposure?
A) self-insure
B) avoidance
C) transfer
D) mediate
Answer: C
Diff: 2

47) If you were the risk manager of the World Trade Center buildings, what loss
prevention or reduction technique could you have implemented before the 9/11/01
tragedy that might have made a significant difference in the number of lives lost?
A) Guards on the roof of each building
B) Evacuation procedures that required everyone to leave after any sign of loss
C) Stronger exterior building materials
D) Better background screening of all who were allowed to work in the building
Answer: B
Diff: 3

48) Risk diversification is based on the principle that:

A) one should not be exposed to only one event
B) one should put all her "eggs in one basket"
C) risk can be measured subjectively
D) pure risk seldom happens
Answer: A
Diff: 1

49) Which of the following is not a goal of the government, employer or employee in
providing employee benefits?
A) Raise tax revenue
B) Provide security for employees
C) Retain, attract and compensate employees
D) Encourage savings for retirement
Answer: A
Diff: 2

50) If a person installs an automatic sprinkler system to prevent serious fire damage,
this action can be considered "insurance" as defined in the text.
Answer: FALSE
Diff: 2

51) Hazards may increase either the frequency or the severity of losses.
Answer: TRUE
Diff: 1
52) A flood is an example of a non-diversifiable risk.
Answer: TRUE
Diff: 2

53) In general, aggregate losses must be predictable in advance for an insurance

system to work properly.
Answer: TRUE
Diff: 1

54) Risk averse people have a tendency to shy away from insurance.
Answer: FALSE
Diff: 3

55) "Loss" and "chance of loss" are terms with the same meaning.
Answer: FALSE
Diff: 2

56) Volcanoes have catastrophic loss potential because they are limited in
geographic impact.
Answer: TRUE
Diff: 2

57) The law of large numbers allows the insurer to predict aggregate dollar losses in
advance of their occurrence.
Answer: TRUE
Diff: 2

58) Insurance companies utilize the law of large numbers to reduce the chance of
loss for their insureds.
Answer: FALSE
Diff: 3

59) Most speculative risks are insurable.

Answer: FALSE
Diff: 1
60) One reason catastrophes are difficult to insure is because the damage is so
unpredictable.
Answer: TRUE
Diff: 2

61) Speculative risks refer to those events which can only result in loss.
Answer: FALSE
Diff: 2

62) Employee benefits have been strengthened in the last few years.
Answer: FALSE
Diff: 2

63) Enterprise Risk Management is a comprehensive approach to corporate risk.

Answer: TRUE
Diff: 1

64) The first step in the Risk Management Process is choosing appropriate risk
handling techniques.
Answer: FALSE
Diff: 2

65) Enterprise Risk Management is the response of the accounting profession to

corporate fraud.
Answer: TRUE
Diff: 2

66) Explain the financial definition and the legal definition of "insurance."
Answer: Financially, insurance is an arrangement which redistributes the cost of a
few losses among many who contribute to a pool. Legally, insurance is a contractual
arrangement where one party agrees to indemnify another if a loss occurs.
Diff: 2

67) Why is Enterprise Risk Management so important for firms?

Answer: There has been a clear breakdown in corporate governance and ERM
provides a solution by examining all risks in the firm collectively and by elevating the
analyses to the highest level in the corporation. This way the people in the corporate
boardroom can no longer escape responsibility.
Diff: 2

68) Explain briefly the law of large numbers.

Answer: The law of large numbers is a mathematical rule that explains how
insurance companies operate and are able to predict aggregate losses. The law says
that the larger the sample size (the more exposures pooled together), the more
closely the predicted result will equal the actual result.
Diff: 2

69) Describe the Risk Management Process.

Answer: The Risk Management Process is a systematic approach by which an
organization can identify and manage its exposure to risk in ways that best fit its
strategic goals. Most follow a set of five steps, namely: 1) Establish the Goals of the
Risk Management Function, 2) Identify Potential Loss Exposures, 3) Measure
Potential Loss Exposures, 4) Choose Risk Handling Techniques, and 5) Implement
Techniques and Monitor Effectiveness.
Diff: 2

70) Discuss risk reduction through diversification.

Answer: Diversification reduces risk by not putting all of one's eggs in one basket,
but instead spreading them across multiple baskets. By doing this, an unfavorable
event, in this case dropping a basket, will not lead to all of the eggs being broken, but
only one. Hence risk is being reduced since a large loss will be less likely to occur.
Diff: 2

71) What are the three basic methods of dealing with risk in the risk management
process?
Answer: The only three alternatives to risk are to 1) avoid, 2) retain, or 3) transfer.
All other methods are extensions or combinations of these three. Self-insurance is
retention. Loss control (prevention and/or reduction) on the other hand is used to
reduce the frequency and/or severity of losses, regardless of whether the exposure
has been retained or transferred. This decision is usually subject to a cost benefit
analysis.
Diff: 2
 MCQ – RISK MANAGEMENT
1. A bank suffers loss due to adverse market movement of a security. The security was however
held beyond the defeasance period. What is the type of the risk that the bank has suffered ?

(i) Market Risk

(ii) Operational Risk*
(iii) Market Liquidation Risk
(iv) Credit Risk

2. 8% Government of India security is quoted at RS 120/- The current yield on the security, will
be----

(i) 12%
(ii) 9.6%
(iii) 6.7%*
(iv) 8%

3. A company declares RS 2/- dividend on the equity share of face value of RS 5/-. The share is
quoted in the market at Rs 80/- the dividend yield will be----

(i) 20%
(ii) 4%
(iii) 40%
(iv) 2.5%

4. From following table find number of accounts that have suffered rating migration during 2006-
07
Last No. of Present Rating
Rating Accounts A++ A+ A B+ B C Default
A 100 1 1 79 10 4 3 2

(i) 2
(ii) 19*
(iii) 21
(iv) 25

5. A debenture of face value of As. 100 carries a coupon of 15%. If the current yield is 12.5%.
What is the current market price ?

(i) Rs.100
(ii) Rs.120*
(iii) Rs.150
(iv) Rs.125

6. An increase in cash reserve ratio will cause yield curve to

(i) Shift downward *

(ii) Remain unchanged
(iii) Become steeper
(iv) Become flatter

7. When interest rates go up, prices of fixed interest bonds –

(i) Go up
 (ii) Go down*
(iii) Remain unchanged

8. VaR is not enough to assess market risk of a portfolio. Stress testing is desirable because

(i) It helps in calibrating VaR module

(ii) It helps as an additional risk measure
(iii) It helps in assessing risk due to abnormal movement of market
parameters*
(iv) It is used as VaR measure is not accurate enough

9. Large Government borrowing can cause yield curve to shift upward.

i. False
ii. True *
iii. Difficult to say
iv. Remains same

10. A fall in interest rates reduces the demand for bonds in the secondary market

i. False
ii. True
iii. Difficult to say*
iv. Demand is unaffected
11. A transaction where financial securities are issued against the cash flow generated from a
pool of assets is called

(i) Securitization*
(ii) Credit Default Swaps
(iii) Credit Linked Notes
(iv) Total Return Swaps

12. Operational Risk does not arise from

1) Inadequate or failed internal processes

2) People and systems
3) External Events
4) Defaults by own customers*

13. 12% Government of India security is quoted at Rs.120. If interest rates go down by 1%, the
market price of the security will be.....

(i) Rs. 120

(ii) Rs.133.3 *
(iii) Rs. 109
(iv) Rs. 140

14. A bank expects fall in price of a security if it sells it in the market. What is the risk that the
bank is facing ?

(i) Market risk

(ii) Operational risk
(iii) Asset Liquidation risk*
(iv) Market liquidity risk
15. 1 day VaR of a portfolio is Rs.500,000 with 95% confidence level. In a period of six months
(125 working days) how many times the loss on the portfolio may exceed Rs.500,000 ?

(i) 4 days
(ii) 5 days*
(iii) 6 days
(iv) 7 days

16. 11% Government of India security is quoted at Rs. 110, the yield will be –

(i) 11%
(ii) 10%*
(iii) 9%
(iv) None of these

17. Systemic risk is the risk due to

(i) Failure of a bank, which is not adhering to regulations

(ii) Failure of two banks simultaneously due to bankruptcy of one bank
(iii) Where a group of banks fail due to contagion effect
(iv) Failure of entire banking system*

18. Back testing is done to

(i) Test a model

(ii) Compare model results and actual performance*
(iii) Record performance
(iv) None of the above

19. Falling interest rates cause NAVs of debt mutual fund to go down.

i. False*
ii. True
iii. Difficult to say
iv. I do not know
20. Capital charge for credit risk requires input for PD, LGD, EAD and M. Under advanced IRB
approach, who provide the input for LGD.

(i) Bank *
(ii) Supervisor
(iii) Function provided by BCBS
(iv) None of the above

21. A debenture of Rs.100 carrying 15% coupon rate is quoted in the market at Rs.135/-. The
current yield on this debenture will be

(i) 13.5%
(ii) 15%
(iii) 11.11%*
(iv) 10%

22. Investment in Post Office time deposit is

(i) Zero risk investment*

(ii) Low risk investment
(iii) Medium risk investment
 (iv) High risk investment

23. Premature payment of a term loan will result in interest rate risk of type

(i) Basis risk

(ii) Yield curve risk
(iii) Embedded option risk*
(iv) Mismatch risk
24. A company with equity capital of Rs.50 crores (Face Value of Rs.10/- per share) makes gross
profit of Rs.70 crores and net profit after tax of Rs.25 crores. If the market price of its
equity share is Rs.50, the PE ratio will be

(i) 50
(ii) 5
(iii) 10*
(iv) 20

25. Daily volatility of a stock is 1%. What is its 16 days volatility approximately ?

(i) 3%
(ii) 10%
(iii) 1%
(iv) 4%*

26. Capital charge component of pricing accounts for

1) Cost of capital
2) Internal generation of capital
3) Capital that is required to be provided

Which of the following is true.?

(i) All the statements are correct

(ii) Statements 1 and 2 are correct
(iii) Statements 2 and 3 are correct
(iv) Statement 3 is correct *

27. A bank funds its assets from a pool of composite liabilities. Apart from credit and operational
risks, it faces

(i) Basis risk*

(ii) Mismatch risk
(iii) Market risk
(iv) Liquidity risk

28. A branch sanctions Rs.1 core loan to a borrower, which of the following risks the branch is
taking
1) Liquidity risk
2) Interest rate risk
3) Market risk
4) Credit risk
5) Operational risk

(i) All of them

(ii) 1,2 and 3 only
(iii) 1,4 and 5 only
(iv) 1,2,4 and 5 only*
29. Financial Risk is defined as

(i) Uncertainties resu1ting in adverse variation of profitability or outright

losses*
(ii) Uncertainties that result in outright losses
(iii) Uncertainties in cash flow
(iv) Variations in net cash flows

30. Strategic Risk is a type of

(i) Interest Rate Risk

(ii) Operation Risk
(iii) Liquidity Risk
(iv) None of the above*

31. A mutual fund charges 1% entry load and no exit load. Its NAV is Rs.16; its sale and
repurchase price will -----

(i) Rs.16 and Rs.15.80

(ii) Rs.16.16 and Rs.15.84
(iii) Rs.15.84 and Rs.16
(iv) Rs.16.16 and Rs.16*

32. Asset Liability management is only management of maturity mismatch and has no bearing on
profit augmentation.

(i) True
(ii) False*
(iii) Difficult to say

33. A company with equity capital of Rs.15 crores makes PBIDT of Rs.15 crores and PAT of
Rs.10 crores. The face value of its share is Rs.5 and PE is 10, the market price will be -----
----.

(i) Rs.50
(ii) Rs.66
(iii) Rs.33.34*
(iv) Rs.100

Q. Placement of volatile portion and core portion of Saving and Current deposit may be
done as under:
a. volatile portion in day 1 time bucket and core portion in 1-3 year bucket.*
b. Volatile portion in 7 day time bucket and core portion in 5 year bucket.
c. Volatile portion in 2-7 days time bucket and core portion in 1 year time bucket.
d. none of above.

Q. Cash should be shown under which time bucket for inflow:

a. 1 day.*
b. 2-7 days.
c. 8-14 days.
d. One year.

Q. Investment in shares and mutual fund (open ended) should be shown in

a. Over 5 year bucket*
b. Over 1 year bucket.
c. Over 2 year Bucket.
d. None of above.

Q. Investment in subsidiaries and joint ventures to be shown

a. In over 5 year bucket.*
b. In over 3 year bucket.
c. In over 1 year bucket.
d. None of above.

Q. Core portion of Cash credit advances may be shown under

a. 1-3 year time bucket.*
b. over 3 year time bucket.
c. Over 5 years time bucket.
d. None of above.

Q. Term Loans to be shown under:

a. Interest and principal of the loan under residual maturity bucket.*
b. Principal under residual maturity bucket.
c. all in 5 year and above bucket.
d. None of above.

Q. The net cumulative negative mismatches during the day 1, 2-7, 8-14 and 15-28 days
buckets if exceed the prudential limits may be financed from market by
a. Market borrowings ( call /term)
b. Bills discounting
c. Repo
d. All above.*

Q. Market Value of an asset is conceptually equal to

a. Present value of current and future cash flows from that asset and liability.*
b. future value of current and future cash flows from that asset and liability.
c. None of above.
d. Present value of asset and future value of liability.

Q. Yield Curve Risk is known as:

a. Risk owing to altering of yields across maturities and its impact on NII*
b. Risk owing to wrong drawing of yield curve by Bank staff.
c. risk of lower current yield .
d. None of above.

Q. Gap method is basically used for

a. measuring banks interest rate risk exposure.*
b. measure maturity mismatch
c. Measure potential losses from off balance sheet exposure.
d. None of above.

Q. In a given time band a negative or liability sensitive gap occurs when

a. Rate sensitive liabilities exceed rate sensitive assets.*
b. Rate sensitive assets exceed rate sensitive liabilities.
c. None of above.
d. All the above.

Q. with a negative gap , an increase in market interest rates could cause a

a. decline in net interest income.*
 b. Increase in net interest income.
c. None of above.
d. All above.

Q.
YEAR CASH DISCOUNT RATE PRESENT
FLOW 8% 10% VALUE at 8%
1 8 0.9259 0.9091 7.4074
2 8 0.8573 0.8264 6.8587
3 8 0.7938 0.7513 6.3507
4 8 0.7350 0.6830 5.8802
5 108 0.6806 0.6209 73.5030
TOTAL 140 100

Suppose that current expectation of yield is 10%. What will be the market price?
Ans: Rs 92.4184

Q. Under Put option the buyer has

a. Right to sell but not obligation to sell*
b. Right to buy but not obligation to buy
c. Right to receive interest payments.
d. None of above.
Q. Under Call option the buyer has
a. Right to buy but not obligation to buy
b. right to sell but not obligation to buy
c. None of above.
d. right to either sell or buy

Q. In India only
a. European option are allowed.*
b. Only American option are allowed.
c. Both are allowed.
d. None are allowed.

Q. Futures are
a. Over the counter products.
b. Exchange traded.*
c. None of above.
d. all the above.

Q. Which of the following is true:

a. A swap has invariably two legs of transaction.*
b. A swap only one leg of transaction.
c. None of above.
d. All the above.

Q. Futures are marked to market on

a. Daily basis and margin is adjusted.*
b. Weekly basis.
c. Monthly basis.
d. None of above.

Q. Capital , Reserves and Surplus are

a. Non interest rate sensitive.*
 b. Interest Rate Sensitive.
c. None of above.

Q. Provisions and inter office adjustments are

a. Rate sensitive.
b. Rate non sensitive.*
c. None of above.
d. all of above.

Q. Current account balance is

a. Rate sensitive.
b. Rate non sensitive.*
c. None of above.
d. All of above.

Q. Banking Book relates to assets which are

a held till maturity and reflected in Balance sheet at acquisition cost.*
b. held till maturity and reflected in Banking book at market cost.
c. None of above.
d. all of above.

Q. Trading book includes :

a. assets a which normally not held till maturity and mark to market system is
followed.*
b. assets which are held till maturity.
c. assets which are purchased in market.
d. none of above.

Q. Which is true:
a. Risk associated with portfolio is always less than the weighted average of
risks of individual items in portfolio.*
b. Risk associated with portfolio is always more than the weighted average of
risks of individual items in portfolio.
c. Risk associated with portfolio is equal to weighted average of risks of individual
items in a portfolio.
d. Risk of the portfolio cannot be related to the risks in individual items

Q. Systemic risk can be diversified

a. True.
b. False *
c. Partly true
d. partly false.

Q. Basel Committee (BCBS) possess formal super national supervisory authority and its
conclusions have legal force:
a. True.
b. False*
c. through World bank
d. through the central bank of the country.

Q. Bond price changes can be estimated using modified duration using following
relationship
a. modified duration* yield change.
b. Mcaulay duration* yield change. *
 c. Maturity*yield change.
d. None of above.

Q. VaR is
a. potential worst case loss at a specific confidence level over a certain period
of time.*
b. potential worst case loss over indefinite period of time.
c. none of above.
d. potential for gain over a selected period
1. Within an organisation, when attempting to manage and control risk, the organisation should be
aware that
A. consideration of risk perception is not required.
B. consideration should be given to internal controls only.
C. uncertainty must be taken into account.
D. uncertainty need not be considered.

2. The Chief Risk Officer within a large manufacturing organisation has been asked by the Board of
Directors to provide an example of a pure risk. A suitable example would be
A. a fire occurring in a new manufacturing process line.
B. entering into a contract to purchase a new factory.
C. making a strategic decision that affects the long-term future of the organisation.
D. the purchase of a currency derivative.

3. An insurer is reviewing its book of commercial insurance policies and is using probability theory to
analyse claims data, which is based on the following information.

Postcode area Number of risks insured Number of claims reported

EH 3,200 154
LS 500 57
M 4,200 139
N 1,600 109

From this information the insurer will deduce that the likelihood of future claims arising is greatest
in which postcode area?
A. EH.
B. LS.
C. M.
D. N.

4. When applying probability theory to a specific period of time, a measurement of 0.85 indicates that
the event
A. is very likely to occur.
B. may occur, but is impossible to predict.
C. will never occur.
D. will occur, but very rarely.

5. Which type of risks are characterised by a perceived lack of control and catastrophic potential?
A. Delay risks.
B. Dread risks.
C. Man-made risks.
D. Unknown risks.
6. An organisation following the Renn and Rohrmann structured framework should be aware that an
individual’s risk perception is influenced by common sense, which is also referred to as
A. collective reasoning strategies.
B. emotional factors.
C. knowledge of risks.
D. personal identity and views.

7. How can the perception of risk by senior management typically have a fundamental effect on the
future direction of a manufacturing organisation?
A. It will determine which risk management tools are used in identifying risks.
B. It will have a direct effect on the marketability of its products and services.
C. It will influence the composition of its risk management committee.
D. It will shape the organisation’s risk appetite and attitude towards risk acceptance.

8. How does a pure risk differ from a speculative risk?

A. A pure risk always has an environmental cause whereas a speculative risk always involves human
error.
B. A pure risk can be measured in probability terms whereas a speculative risk cannot.
C. A pure risk is not subject to regulatory control but a speculative risk always is.
D. A pure risk only leads to the possibility of a loss, whereas a speculative risk may lead to a gain.

9. As part of an organisation’s risk management process, when considering risk and uncertainty, the
risk team must be aware that
A. risk assessment is the sole method of reducing uncertainty.
B. risk can apply to both opportunities and threats to the organisation.
C. uncertainty should always be considered completely separately from risk.
D. uncertainty should only be considered when reviewing long-term objectives.

10. How did the large fluctuations in prices of many raw materials and commodities in the 1970’s
influence the evolution of risk management?
A. An increase in the use of captive insurers.
B. Derivatives being used as a risk management tool.
C. Financial institutions increasing their market and credit risk management services.
D. The development of business continuity planning.

11. A key influence on the evolution of risk management theory in the 19th Century was based on
A. calculating the standard deviation of a distribution around a mean.
B. economists analysing the relationship between unemployment and interest rates.
C. mathematicians collecting measurements to provide statistical data.
D. placing a greater emphasis on the human element of decision making.
12. When considering risk management within a manufacturing organisation, what is a key benefit of
conducting a detailed structured analysis of the entire organisation?
A. It would allow the organisation to develop silo-based risk management techniques.
B. It would identify all counterparty risks that affect financial stability.
C. It would identify alternative production methods and remove all risks.
D. It would uncover weaknesses and provide valuable information that can be used to improve
processes.

13. Why is it important that an organisation attempts to measure the benefits of risk management in
financial terms?
A. It will improve the delivery of services to customers.
B. It will ensure faster recovery from emergency incidents.
C. It will quantify the level of internal and external resources that are required.
D. It will record all electronic interventions to provide an audit trail.

14. Within a large global organisation, who has the primary responsibility of identifying individual risk
owners and making sure appropriate risk control activities are carried out?
A. Board of Directors.
B. Chief Risk Officer.
C. Risk Committee.
D. Risk Manager.

15. In relation to a large organisation’s risk management process, what does the internal audit function
typically have responsibility for?
A. Helping to evaluate existing risk controls in specified areas of the business only.
B. Preparing designated parts of an up-to-date risk register.
C. Providing detailed assurance that risk management processes are effective.
D. Setting detailed targets and objectives within the Board remit.

16. Within a large global organisation, the compliance function is normally

A. autonomous and reports directly to the board.
B. a part of the audit function only.
C. a part of both the risk management and audit functions.
D. a part of the risk management function only.

17. An organisation operates with separate and independent risk management, compliance and audit
functions. The organisation’s board of directors should be aware that
A. all costs will be reduced and more risks will be eliminated.
B. holistic risk management processes will be more effective across the organisation.
C. this is likely to create a more robust approach to managing risk.
D. work will often be duplicated and costs will usually be increased.
18. A large organisation is assessing a risk using a typical risk management process and has just
established and identified the risks to which it is exposed. What is likely to be the next stage in the
process?
A. Analysing risks.
B. Eliminating risks.
C. Evaluating risks.
D. Treating risks.

19. One of the primary reasons that an organisation should monitor and regularly review its risk
management process is to
A. consider whether lessons could be learned for future management of risks.
B. ensure that all significant risks are eliminated immediately.
C. evidence that all risks are measured in financial terms only.
D. evidence that an internationally-recognised framework is followed at all times.

20. A risk register has been produced for a large engineering company. What is a key difficulty of such
a register?
A. It is impossible to update it on a regular basis.
B. It is likely to list only a very small number of risks.
C. It may fail to take account of correlations between risks.
D. Stakeholders must be consulted upon all risk management decisions.

21. What is a key consideration when designing an organisational risk register?

A. All staff can update and accept new risks.
B. All staff receive training on updating the register.
C. It is always installed on a web-based system.
D. The organisation’s risk profile is captured.

22. The ISO 31000 standard separates risk management areas into
A. frameworks, processes and audit.
B. principles, frameworks and compliance.
C. principles, frameworks and processes.
D. principles, processes and compliance.

23. Which risk management standard places a specific emphasis on internal risk controls?
A. AIRMIC.
B. COSO.
C. FERMA.
D. ISO 31000.
24. One key reason for a risk manager to review an organisational chart is to
A. determine the extent of present and visible risks.
B. determine the process of the delivery of services.
C. establish a decision-making route.
D. establish the potential impact of a possible risk incident.

25. A risk manager in an organisation is evaluating a risk and multiplies the probability of the risk
occurring with the potential impact. The result of the calculation is the production of a risk
A. appetite.
B. control.
C. factor.
D. matrix.

26. In a manufacturing organisation, what is a fault tree typically designed to show?

A. It evaluates the potential cost of a disruption.
B. It identifies key personnel at each stage in the process.
C. It identifies the likelihood of an interruption arising.
D. It outlines possible solutions to potential interruptions.

27. A logistics manager for a supermarket chain identifies that there is a continual delay in the
deliveries to stores. What is the most appropriate technique to identify the cause of the problem?
A. Decision tree.
B. Flow chart.
C. Hazard and operability study.
D. Physical inspection.

28. What key advantage does a Governance Risk and Compliance framework offer when compared to
retaining separate and independent risk control functions?
A. It can promote individual risk initiatives at working levels.
B. It is easily introduced and quickly implemented.
C. It places less reliance on risk decisions at board level.
D. It provides a consolidated risk management function.

29. To comply with the UK Corporate Governance Code, to which body must all UK-listed companies
provide information concerning solvency, liquidity, risk management and viability on an annual
basis?
A. The Financial Conduct Authority.
B. The Financial Policy Committee.
C. The Financial Reporting Council.
D. The Prudential Regulation Authority.
30. Where an insurance organisation has failed to keep up with new legislation governing its day-to-day
activities, it primarily increases its exposure to
A. compliance and regulatory risk.
B. insurance and regulatory risk.
C. liquidity and business risk.
D. market and strategic risk.

31. A large organisation is assessing the financial strength of one of its customers. Which types of risk
are being assessed?
A. Credit and liquidity.
B. Liquidity and legal.
C. Market and strategic.
D. Operational and credit.

32. Within an organisation, business risk can typically be categorised as the

A. alleged or actual breach of contract between an organisation and counterparty.
B. probability of a loss being inherent in an organisation’s operations and environment.
C. risk of an organisation not being able to meet its financial obligations.
D. uncertainty relating to the occurrence of an insured event.

33. Why can it be difficult for an organisation to categorise risks?

A. Audit and compliance functions must always categorise risks differently.
B. Risk categories are always applied differently across an organisation.
C. There is no universally accepted definition of individual risks.
D. Universal risk categorisations must always be used.

34. Understanding the potential causes of risk events will primarily help an organisation to
A. comply with corporate governance standards.
B. eliminate all risks.
C. improve internal audit procedures.
D. reduce the frequency of loss.

35. Where a large organisation uses enterprise risk management to create a framework to consider all
risks affecting the organisation, this is typically known as
A. a consolidated approach.
B. connected methodology.
C. a holistic approach.
D. seamless methodology.
36. Which type of risk framework is expected to improve efficiency by aligning strategy, processes,
technology and people?
A. Controls, risk and supervision.
B. Corporate, governance and control.
C. Governance, risk and compliance.
D. Supervision, audit and compliance.

37. When implementing an enterprise risk management (ERM) framework, a large organisation should
be aware that ERM
A. only allows for risks to be measured in financial terms.
B. relies largely upon the analysis and evaluation of risks against criteria that are set by the Board.
C. will always improve the competitive position of the organisation.
D. will always require assessment of risk management processes from both internal and external
auditors.

38. What is typically the day-to-day responsibility of a Chief Risk Officer within a large organisation?
A. Ensuring that all key risks are adequately managed and reported.
B. Preparing and maintaining individual insurance arrangements.
C. Producing policies on compliance matters.
D. Providing assurance that individual risk management processes are effective.

39. A train has crashed and is badly damaged. There have been numerous claims from injured
passengers as well as a loss of revenue for the train operator. This is an example of
A. risk aggregation.
B. risk categorisation.
C. risk probability.
D. risk severity.

40. A key requirement for successfully implementing a governance risk and compliance framework
within an organisation is for
A. consistent terminology to be introduced across the organisation’s risk management and
assurance functions.
B. risk management and compliance functions to create individual risk management frameworks at
all levels.
C. risk management costs to be reduced when all risk events occur.
D. senior managers to increase their risk tolerance.

41. An organisation will typically find that their insurance arrangements will exclude cover for
A. consequential losses following natural disasters.
B. credit risks.
C. product liability claims.
D. the value of their computerised database.
42. Insurance policies issued by a commercial insurer operating solely in the UK are directly governed
under which Act?
A. Consumer Insurance (Disclosure and Representations) Act 2012.
B. Financial Services Act 2012.
C. Insurance Act 2015.
D. Sarbanes-Oxley Act 2002.

43. A broker is undertaking a business interruption review on behalf of a client. This would
most commonly include an evaluation of the
A. effectiveness of a business continuity plan.
B. effectiveness of risk reserving.
C. level of risk tolerance.
D. level of self insurance.

44. What is a primary benefit of a commercial customer self-insuring a risk?

A. Claims costs will reduce.
B. Controllability of risk will increase.
C. Its short-term cash-flow position is likely to improve.
D. Staff training requirements will decrease.

45. A large manufacturing organisation has renewed an insurance policy and has accepted a significant
increase in the policy deductible. What is this most likely to indicate?
A. Decreased risk avoidance.
B. Decreased risk tolerance.
C. Increased risk elimination.
D. Increased risk retention.

46. For what primary reason could enterprise risk management (ERM) systems fail?
A. ERM decisions are always ignored across a business when a top-down approach is used.
B. Financial constraints could compromise the implementation of ERM systems.
C. Management can never override ERM decisions.
D. The use of ERM systems do not give the required assistance to risk managers.

47. What could a financial organisation make primary use of, to assess whether its risk management
systems are likely to fail?
A. Key control indicators.
B. Key risk indicators.
C. Silo-based risk management.
D. Physical inspections.
48. A large organisation has entered into a surety arrangement using a counterparty to guarantee
certain credit risks. The main risk to the organisation of the counterparty failing is that the
organisation would
A. be liable for all future losses incurred on these credit agreements.
B. be responsible for all of the counterparty’s losses.
C. be unable to self insure these risks.
D. have losses limited to the premium paid only.

49. An engineering company is assessing the key risks faced within the manufacturing process.
Although cover is in place for most of the potential losses that may arise, the company should be
aware that
A. automated warnings will always eliminate human error.
B. the consequences of human error can never be insured against.
C. human error cannot be eliminated.
D. the use of physical barriers will always eliminate human error.

50. As a direct result of recent disasters in the oil drilling and exploration sector, for companies in this
sector there has been an increase in
A. business continuity planning and the use of lower policy deductibles.
B. coinsurance and silo-based risk management.
C. governance, risk and control and self-insurance.
D. new regulations and safety controls.
Specimen Examination Answers and Learning Outcomes Covered
Learning Learning Learning
Question Answer Question Answer Question Answer
Outcome Outcome Outcome
Learning Outcome 1 Learning Outcome 4 Learning Outcome 7
1 C 1.1 30 A 4.1 46 B 7.1
2 A 1.4 31 A 4.1 47 A 7.1
3 B 1.2 32 B 4.1 48 A 7.2
4 A 1.2 33 C 4.2 49 C 7.2
5 B 1.3 34 D 4.3 50 D 7.3
6 A 1.3 5 questions 5 questions
7 D 1.3
8 D 1.4 Learning Outcome 5
9 B 1.1 35 C 5.1
9 questions 36 C 5.2
37 B 5.1
Learning Outcome 2 38 A 5.3
10 B 2.1 39 A 5.4
11 C 2.1 40 A 5.2
12 D 2.2 6 questions
13 C 2.2
14 B 2.3 Learning Outcome 6
15 C 2.3 41 D 6.1
16 C 2.4 42 C 6.1
17 D 2.4 43 A 6.2
8 questions 44 C 6.3
45 D 6.3
Learning Outcome 3 5 questions
18 A 3.1
19 A 3.1
20 C 3.2
21 D 3.2
22 C 3.3
23 B 3.3
24 C 3.4
25 C 3.4
26 C 3.4
27 B 3.4
28 D 3.5
29 C 3.5
12 questions
Risk management

Based on the following information, answer following questions

Rating Migration of Loan Accounts based on their Internal Rating Module of Fair
Growth Bank Ltd. between 31.03.2005 to 31.03.2006 are given in the following
Tables.

Last No of Present Rating

Rating Accounts AAA AA+ AA A+ A BBB C
AAA 50 35 8 2 2 1 1 1

Last No of Present Rating

Rating Accounts AAA AA+ AA A+ BBB C Default
AA+ 50 5 30 7 5 1 1 1

Last No of Present Rating

Rating Accounts A+ A BBB C Default
A 100 10 80 6 2 2

Last No of Present Rating

Rating Accounts A+ BBB C Default
BBB 200 10 120 30 40

Last No of Present Rating

Rating Accounts BBB C Default
C 30 5 20 5

Standard Migration pattern for ‘A’ rated Borrowers shows a default probability of
0.2% and ‘BBB’ rated Borrowers shows a default probability of 20%. Based on the
given data, answer the following five questions.

1. Find out the percentage of ‘AAA’ rated borrowers which remained at the same
rating level for the observation period.

a)35%
b)50%
c)70%
d)10%

2. At the end of the observation period, the number of ‘AAA’ rated borrowers
remained at -----

a)40
b)55
c)35
d)100

3. The percentage (%) of migration of borrowers from ‘A’ and “BBB” category to
default category (category ‘D’) are ----- and ----- respectively.
 a)20%, 40%
b)2%, 40%
c)2%, 20%
d)0.2%, 40%

4. Going by the Standard Migration Rating, which type of rating module the
regulator will advise the bank to follow?

a)Both ‘A’ and ‘BBB’ rated borrowers

b)only ‘A’ rated borrowers
c)‘BBB’ rated borrowers
d)None of the above

5. At the end of the observation period the number of default category (‘D’) rated
borrowers remained at ----- .

a)40
b)54
c)133
d)48

Based on the following information, answer questions 6 to 10

ABC Bank Ltd. analyzed the Operating Profits of five zones for last five years. The
Standard Deviation and Standard Deviation to Mean for the five years are given in
the following table.
(Rupees in Crore)
Name of Year Year Year Year Year Total Mean Standard S. D.
Zones 1 2 3 4 5 Deviation to
(S.D.) Mean
Ahmedabad 10 3 4 8 11 36 7.20 3.56 0.49
Chennai 3 8 1 6 4 22 4.40 2.70 0.61
Delhi 12 8 9 2 4 35 7.00 4.00 0.57
Kolkata 6 9 2 3 5 25 5.00 2.74 0.55
Mumbai 7 12 5 8 6 38 7.60 2.70 0.36
Total of 38 40 21 27 30 156 31.20 7.85
Zones

From the above data, answer the following questions assuming that the bank’s credit
exposure is at equal levels for each zone:

6. From business risk point of view, the performance of the zone which is subjected
to maximum risk exposure appears to be -----.

a)Ahmedabad
b)Mumbai
c)Chennai
d)Kolkata

7. From business risk point of view, the performance of the zone which is subjected
least risk exposure appears to be -----.
 a)Delhi
b)Mumbai
c)Chennai
d)Kolkata

8. The ratio of Standard Deviation to Mean for all zones put together for ABC
Bank Limited is -----.

a)7.85
b)31.20
c)0.516
d)0.25

9. Performance of which Zone shows a positive co-relation with the performance of

all Zones put together?

a)Chennai
b)Delhi
c)Kolkata
d)Mumbai

10. The Zones having wide variance of results from year to year is -----.

a)Ahmedabad
b)Kolkata
c)Chennai
d)Delhi

Financial management
Answer Question based on the following information
The Variable cost structure of a product manufactured by a company during the year is as under:

(Rs. per Unit)

Material 120
Labour 30
Overheads 12

The selling price per unit is Rs.270 and the fixed costs and sales during the current year are Rs.14 lakh and
Rs.40.5 lakh respectively.

During the forthcoming year direct workers will be entitled to a wage increase of 10% and the material
cost, variable overheads and fixed overhead are expected to increase by 7.5%, 5% and 3% respectively.

11 The total contribution and profit for 15,000 units based on present costs is ----- and -----
respectively.

a) Rs.15,20,000, Rs.1,20,000
b) Rs.15,80,000, Rs.1,80,000
c) Rs.16,00,000, Rs.2,00,000
d) Rs.16,20,000, Rs.2,20,000

12 Find sale price to be fixed in the forthcoming year if the current P/V Ratio is to be maintained.
 a) Rs.271.40
b) Rs.281.40
c) Rs.285.40
d) None of these

13 Assuming that selling price per unit will not be increased, ----- would be required to be sold
during the forthcoming year so as to yield the same amount of profit in the current year.

a) 15,621 units
b) 16,431 units
c) 17,421 units
d) 18,321 units

14 Revised Variable cost per unit will be -----

a) Rs.154.50
b) Rs.161.30
c) Rs.174.60
d) Rs.181.50

Answer Question based on the following information

The Balance Sheet of STV Ltd. is given below:
LIABILITIES Rs. in Lakh ASSETS Rs. in Lakh
Equity Capital(Equity Share of Rs. 3.50 Plant & Machinery 7.50
10 Each)
Preference Capital (10% Preference 2.00 Goodwill 1.40
Shares of Rs. 10 each)
Reserves & surplus 2.00 Stock 1.50
Long term Loans(11%) 1.00 Debtors 1.00
9% Debentures 2.50 Pre-Paid Expenses 0.25
Creditors 0.60 Marketable Securities 0.75
Bills Payable 0.20 Cash 0.25
Accrued Expenses 0.20
Provision for tax 0.65
12.65 12.65

15 The Current ratio of STV Ltd. is -----

a) 3.75 : 1
b) 2.27 : 1
c) 1.81 : 1
d) 1.66 : 1

16 The Quick ratio of STV Ltd. is -----

a) 2.25 : 1
b) 1.36 : 1
c) 1.21 : 1
d) 2.00 : 1

17)The Debt : Equity ratio of STV Ltd. is-----

a) 1:1
b) 0.467 : 1
c) 0.636 : 1
d) 0.553 : 1

Answer Question based on the following information.

How much time do students spend to prepare for a Statistics final exam? To answer this question, a random
sample of 40 students was selected. The sample revealed an average of 5.5 hrs, and a standard deviation of
3.5 hrs.

18)The 95% Confidence Interval for the average number of hours that students spend
preparing for a Statistics exam is -----.

a). (4.00, 7.00)

b). (5.42, 6.36)
c). (4.42, 6.58)
d). (3.45, 5.57)

19)If we recalculate the above interval using a 98% confidence level, the margin of error
will -----.

a). Increase to 1.29

b)Decrease by 1.29
c). Remain as it is
d) None of these

Answer Question based on the following information.

The cash flow in respect of one project is given below. The Cost of Capital is 12%,

Year Project A
Rs.
0 (200)
1 60
2 60
3 60
4 60
5 60

20)What is the NPV of Project A (in Rs.)?

a) 216.29
b) 16.29
c) 200
d) 182.24

21)What is the Profitability Index of Project A?

a) 1.30
b) 1.08
c) 1
d) 0.91

22)What is IRR of Project A?

b) 15.24%
c) 14.24%
d) 16.24%
e) 14.50%
Technology Management

Read the following case carefully and choose the answer which you consider to be
the most appropriate to the issues raised therein.
Information System (IS) Audit was going on in a fully computerized branch of a nationalised bank. In the
preliminary check during the day begin one of the IS auditor found that number of users active in the
system are more than the staff strength of the branch as per the attendance register. The auditor was
informed by the Database Administrator (DBA) that one of the user-id is for software engineer, who is
required to do maintenance work in case of need. One more user-id is of ex-DBA of the branch who was in
the branch since the beginning of computerization but has been transferred from the branch to the Regional
Office in the previous week. The Regional Office was very close by and in case of need, ex-DBA
unofficially visits and carries out the required operation with his old user-id and password and helps the
recently posted DBA. Further the auditor found that the server room is kept open and is being accessed by
all.

The DBA appraised the auditor about the co-operation extended by every staff for computerized
environment. During IS Audit, auditor found that the computerized operations are very smooth and even
CTO can do the day begin or day end, if DBA is busy in some other work.

33 User-id and password of software engineer should be -----

a) Generated and kept for maintenance purpose.

b) Generated in case of need and deleted when job is over.
c) Non-system generated.
d) That of DBA because software engineer requires high level access.

34 Server room should be accessed by -----

a) DBA only.
b) DBA and Branch Manager only.
c) Only those staff, who are working on computer.
d) Only those staff who enter every access in a log book.

35 day begin and day end activity should be done by -----

a) DBA only.
b) Authenticated CTO only.
c) Branch Manager.
d) Software engineer who has been assigned the Annual Maintenance Contract.

36 To prevent possibility of the fraud at the branch -----

a) The duties of the staff should be segregated.

b) No additional users other than staff of the branch should be allowed access to the system.
c) Ex-DBA should be stopped from operating on the branch system with his old user ID.
d) All of the above.

37 Ex-DBA should be -----

a) Continued to operate with his old user-id and password till the present DBA is
accustomed with new assignment
b) Disallowed to operate since he has been transferred
c) Allowed to keep his user-id and password, but should work in absence of present DBA
d) None of these
Answers the Questions.

1 C 2 A 3 C 4 C 5 D 6 C

7 B 8 D 9 C 10 D 11 D 12 C

13 C 14 C 15 B 16 C 17 B 18 C

19 A 20 B 21 B 22 A 23 D 24 B

25 B 26 C 27 D 28 A 29 B 30 D

31 B 32 C 33 B 34 D 35 A 36 D

37 B 38 B 39 B 40 A 41 A 42 A
 Principles of Risk and Risk Management

1. Which of the three actions Tom Brown is undertaking is categorised as a pure risk?

A. Buying 100 lottery tickets.

B. Selling his house even though he receives less than he paid for it because he
thinks prices will fall further.
C. Going horse riding without wearing a riding helmet.

2. Hopkin states ‘Most standard definitions of risk refer to risks being attached to corporate
objectives’. What else may risks be attached to?

A. Core processes.
B. Hazard management.
C. Risk correlation.

3. Enterprise Risk Management (ERM) is considered to have significant advantages over

traditional risk management approaches because ERM

A. ensures that an organisation’s objectives will be achieved.

B. takes an integrated or holistic approach.
C. addresses strategic, tactical and operational risk management.

4. Which of the following would you expect to see in the context of risk strategy in the risk
architecture, strategy and protocols framework (RASP)

1. The risk and audit team report to the board quarterly.

2. The tolerance level of risk is clearly defined.
3. Ownership of risk is delegated to business units.
4. The organisation has a defined risk appetite.

A. 2 and 3
B. 1 and 4
C. 2 and 4

2
5. As part of the ISO 31000 risk management process monitoring and review is best thought of as
which of the following?

A. An extra stage.
B. A feedback loop.
C. Part of an iterative process.

6. From COSO 2014 what three elements in addition to Business Planning make up the COSO ERM
business model?

1. Execution
2. Monitoring
3. Control
4. Adapting

A. 2, 3 and 4
B. 1 and 3
C. 1, 2 and 4

7. Which factors are likely to influence your view when assigning a low, medium or high rating for the
likelihood and impact of an interruption to production due to a natural disaster?

1. The length of time since the last natural disaster in the vicinity of the production unit
2. Where your suppliers are located.
3. Long range models and stress scenarios.
4. What you produce.

A. 1 and 2
B. 1, 3 and 4
C. 2 and 4

8. One consequence of people who have different risk perceptions undertaking risk assessments is

A. risks are not fully identified.

B. risk treatments could be applied to the less significant risks.
C. it is not possible to determine a risk rating for a particular risk

3
9. Relying on historic analysis when assessing potential risks and possible impacts implies that

A. should adverse events occur the impact can be accurately modelled.

B. significant risks have all been seen before.
C. management believe that the future will behave much like the past.

10. Using the FIRM scorecard which of the following risks could a risk manager quantify?

1. Loss of income.
2. Financial gain.
3. Reputational damage.

A. 1 and 2
B. 1 and 3
C. 2 and 3

11. Which of the following statements are possible ways of defining the upside of risk?

1. Less disruption to operations resulting in less downside risk.

2. The ability to pursue a business opportunity that a competitor has no appetite for.
3. Actions than can maximize positive risk outcomes.
4. The outcome of mitigating the magnitude, impact and consequences of a risk event.

A. 1 and 4
B. 1 and 2
C. 2, 3 and 4

12. Which of the following statements about captive insurance companies are correct?

1. The domicile for captives is limited to those with favourable regulatory and accounting
regimes.
2. A captive can access reinsurance markets.
3. A captive can sometimes offer greater cover than is available in the insurance market.
4. Captives are not permitted to insure the risks of third parties.

A. 1 and 4
B. 1 and 2
C. 2 and 3

4
13. The following questions consist of TWO statements. Read each statement and consider if
each one is ‘True’ or ‘False’. If Statement 1 is ‘True’, consider if Statement 2 is a correct or
an incorrect explanation for why Statement 1 is ‘True’.

Statement 1 Statement 2

Business Continuity Planning

Business Continuity Planning
Because is a technique used to control
can be classified as a directive
a low level risk which has
control.
occurred.

Choose from the following FIVE possible combinations where the first True/False refers to
Statement 1 and the second to Statement 2.

A. True True and Statement 2 is a correct explanation

B. True True but Statement 2 is NOT a correct explanation.
C. True False
D. False True
E. False False

5
Case Study

Foods Company owns a cold storage warehouse for storing frozen foods prior to delivering them to
supermarkets. Established in 1999, Foods employs 30 staff.

Goods inwards are stored on pallets and stacked in chiller units or freezer compartments. Temperatures
in the cold storage units range from -5 degrees in the chiller units to – 30 degrees in the freezer units. The
warehouse has a good sprinkler system with a regular maintenance programme in place.

An accident book is kept on site. Normally there are only a few minor injuries recorded but two employees
have reported sick in the last month and were subsequently diagnosed with asthma, potentially caused by
the dry atmosphere when working in extreme cold temperatures.

A weekly meeting takes place on site between the site manager and the health and safety manager to
discuss risk management matters. The agenda for today’s meeting is risk assessment focusing on health
and safety hazards.

14. Which risk for this warehouse could be classified as an inherent risk?

A. Staff being exposed to cold conditions after failing to wear protective clothing.
B. Accidentally being shut in a freezer cabinet.
C. Sprinkler systems failing to operate.

15. What corrective action could the two managers consider to reduce the likelihood of more staff
going off sick with asthmatic conditions?

A. Reduce the length of time staff are exposed to cold conditions.

B. Increase training about the use of protective clothing.
C. Provide staff with a booklet on keeping warm.

16. To ensure staff are complying with health and safety standards in the warehouse which
directive controls could be implemented?

1. Supply protective suits for staff to wear to provide extra warmth in the freezer units.
2. Issue requirements regarding the wearing of protective suits clothing.
3. Require staff working in the storage units to complete checklists and worksheets daily.
4. Install cameras in the cold storage units.

A. 1 and 2
B. 1 and 4
C. 2 and 3

6
17. The health and safety manager confirms the company has employer’s liability insurance. Which
statement best explains why the company has this insurance?

A. The company has 25 or more staff.

B. Employers’ liability is a compulsory class of insurance in most countries.
C. The staff members away sick may seek compensation from Foods Company.

7
 Principles of Risk and Risk Management

ANSWERS

Question Correct
Rationale
Number Answer
Pure, or hazard, risks only result in negative outcomes which is
why option C is the correct answer. Buying a lottery ticket involves
an initial outlay but there is only upside or opportunity risk
1 C thereafter. Having decided to sell his house at a lower price than it
was purchased for Tom has eliminated his exposure to the impact
of changes in house prices.

Risk attachment is covered in Fig 2.1 in Hopkin which shows how

risks can be attached to core processes as well as corporate
2 A objectives.

The key differentiator for ERM is that it takes an integrated or

holistic approach. Option A is incorrect as neither traditional or
ERM approaches can ensure that an organisation’s objectives will
3 B be achieved whilst both can address the management of strategic,
tactical and operational risks.

Risk tolerance and risk appetite are part of the risk strategy
elements of the RASP framework set out in Fig 6.2 in Hopkin. Risk
4 C reporting and roles and responsibilities are parts of the risk
architecture within the same framework.

Monitoring and review is part of the ISO 31000 risk management

process set out in Fig 6.4 in Hopkin. It is iterative, rather than just
an extra stage or a feedback loop, because each of the stages in
5 C the process may be executed multiple times before the risk
evaluation is finalised and the appropriate risk treatment agreed.

The elements of COSO’s contextual business model that are set

out in Fig 1 are business planning, execution, monitoring and
6 C adapting making C the correct answer.

A key consideration is where your suppliers are located, as

7 C production would be harder hit if they were located nearby and
affected by the same disaster. The second consideration is what
you produce as this will determine the extent to which production
8
 might be disrupted by a natural disaster, for example products that
are reliant on just-in-time deliveries would be more impacted if
deliveries could not be made. The length of time since the last
disaster is not a relevant consideration as it is unlikely to impact
the likelihood of another disaster occurring. Similarly modeling is of
limited value when assessing the likelihood of natural disasters
occurring.

One consequence of people having different risk perceptions is

that the significance of some risks may be incorrectly determined
and therefore treatments could be applied to less significant ones.
The failure to identify risks fully is possible but this is relevant to the
risk identification stage of risk assessment only and with people
8 B having different risk perceptions it is possible that more risks are
identified and more fully discussed. In terms of risk assessment
ratings, risk perceptions may result in an incorrect rating being
applied but a rating will eventually be determined, possibly by the
most senior person and even if not everybody agrees.

Historic analysis is backward looking so using it to make an

assessment about future impacts implies that the future will
behave much like the past. The use of models to assess the
potential impact of risk events can be flawed if there are model
9 C errors, the wrong model is used or things have changed. Similarly
given the fast pace of change new risks can be expected to
emerge that are not captured in the historic analysis.

Quantifiable risks as per the FIRM scorecard are loss of income

and financial gains, see Table 11.2. Quantifying reputational
10 A damage is much more difficult.

Upside risk can be defined in terms of gains from accepting an

opportunity as well as lower costs from a positive outcome.
Actions that maximize positive risk outcomes or outcomes that
11 B
affect the magnitude, impact or consequences of a risk event
relate to execution rather than definition of upside risk.

Captive insurance companies are able to access reinsurance

markets, can provide cover to group companies that may not be
available from other insurers, are able to offer insurance cover to
12 C third parties and can decide to locate their domicile in any country
not simply those with favourable regulatory and accounting
regimes.

Statement A is True as following pre-agreed directions once a risk

event has occurred can significantly reduce impact. Statement 2 is
13 C False as BCP as is applied only where significant risks, rather than
low level ones, have occurred.

9
 An inherent risk is one that is measured and assessed before
controls to minimize its impact are taken into account making B the
14 B correct option. In the other two cases controls have been put in
place to reduce the inherent risk.

A corrective action or control is one that reduces the inherent level

15 A
of risk to one within appetite which is option A. The other options
are examples of directive controls.

Directive controls include documented procedures that staff are

required to comply with, in this case wearing protective clothing
and completing checklists and worksheets. Supplying protective
16 C
clothing and installing cameras are examples of corrective
controls.

Employers’ liability insurance is a compulsory requirement in many

countries so is the correct answer. Whilst it is true that workers
who are off sick for work-related reasons may seek compensation
17 B that is not the main reason that employers take out this form of
insurance. The number of employees is irrelevant to the decision
on whether to take out insurance.

10