A. Auditing of financial controls.
B. International Risk Management.
C. Environmental, social, and governance (ESG) investing.
D. Information Security Systems.
A. A list of exceptions for the family of board members.
B. To whom the policy applies to and how an additional management report should be allocated to.
C. A list of acceptable fonts and margin types.
D. To whom and in what form exceptions should be sought and the general exemptions e.g. areas to which the policy does not apply
A. A good visualization tool for understanding where hand-offs and hand-ins may occur.
B. A useful tool for understanding process intensive activities.
C. All of the above.
D. A helpful tool for understanding where control gaps may exist.
A. Remind the attendees that they can override the results of the workshop once the risks are tallied.
B. Guide the workshop toward a pre-determined conclusion, based upon known industry identified risks.
C. Remain objective and refrain from expressing his or her own opinions.
D. Attend via a video connection to allow proper distance.
A. The compliance function should report to the business (even when following a three lines of defense model).
B. The risk function should be outsourced if there is a compliance function.
C. The compliance function should be independent of the business (following a three lines of defense model).
D. The compliance function should be outsourced if there is a risk function.
A. Ignored.
B. Reported, Recorded and Analyzed, Used in calculation of Operational Risk Capital.
C. Reported. Recorded and Analyzed. Not Used in calculation of Operational Risk Capital.
D. Recorded and Analyzed. Used in calculation of Operational Risk Capital.