Corporate Governance Risk Management & Internal Controls 2

Question 1

What is the 'three lines of defense' model in risk management?

Accepted Answer

A risk governance structure where business units, risk/compliance functions, and internal audit provide layered oversight

Answer

The three lines model defines business operations (1st line), risk and compliance functions (2nd line), and internal audit (3rd line) as distinct but complementary risk oversight layers.

Question 2

What is a 'key risk indicator' (KRI)?

Accepted Answer

A metric that provides an early warning signal about increasing risk exposure

Answer

KRIs are forward-looking metrics that signal when risk levels are rising toward thresholds that require management attention or action.

Question 3

What does 'risk appetite' mean in corporate governance?

Accepted Answer

The amount and type of risk an organization is willing to accept in pursuit of its objectives

Answer

Risk appetite is the board-established statement of how much risk the organization is willing to take on in pursuit of value creation, guiding management's risk-taking decisions.

Question 4

What is the purpose of an internal audit function?

Accepted Answer

To provide independent assurance that internal controls, risk management, and governance processes are effective

Answer

Internal audit provides the board and management with independent, objective assurance and consulting on risk management, control effectiveness, and governance processes.

Question 5

What is a 'whistleblower program' and why is it important to corporate governance?

Accepted Answer

A system allowing employees to report misconduct confidentially, helping detect fraud and control failures early

Answer

Whistleblower programs encourage employees and others to report misconduct by providing confidential reporting channels and legal protections against retaliation.

Corporate Governance Practice Test

Corporate Governance Practice Test

Corporate Governance Risk Management & Internal Controls 2