Which of the following statements are true for enterprise’s risk management capability maturity level 3?

Posted by: Pdfprep Category: CRISC Tags: , ,

Which of the following statements are true for enterprise’s risk management capability maturity level 3?
A . Workflow tools are used to accelerate risk issues and track decisions
B . The business knows how IT fits in the enterprise risk universe and the risk portfolio view
C . The enterprise formally requires continuous improvement of risk management skills, based on clearly defined personal and enterprise goals
D . Risk management is viewed as a business issue, and both the drawbacks and benefits of risk are recognized

Answer: ABD

Explanation:

An enterprise’s risk management capability maturity level is 3 when:

– Risk management is viewed as a business issue, and both the drawbacks and benefits of risk are recognized.

– There is a selected leader for risk management, engaged with the enterprise risk committee, across the enterprise.

– The business knows how IT fits in the enterprise risk universe and the risk portfolio view.

– Local tolerances drive the enterprise risk tolerance.

– Risk management activities are being aligned across the enterprise.

– Formal risk categories are identified and described in clear terms.

– Situations and scenarios are included in risk awareness training beyond specific policy and structures and promote a common language for communicating risk.

– Defined requirements exist for a centralized inventory of risk issues.

– Workflow tools are used to accelerate risk issues and track decisions.

Incorrect Answers:

C: Enterprise having risk management capability maturity level 5 requires continuous improvement of risk management skills, based on clearly defined personal and enterprise goals.

Leave a Reply

Your email address will not be published.