IA Knowledge II Flashcards

1
Q

The acceptable levels of variation relative to the achievement of objectives.

A

Risk tolerance

2
Q

Ranking risks, formally or informally, from the highest to the lowest, establishing the relative strength of each risk and the potential consequences of each.

A

Risk prioritization

3
Q

The actions taken to manage risk.

A

Risk response

4
Q

A process to identify, assess, manage, and control potential events or situations to provide reasonable assurance regarding the achievement of an organization’s objectives.

A

Risk management

5
Q

The evaluation of the magnitude of risk, based on the likelihood and impact of risk occurrence.

A

Risk measurement

6
Q

The assignment of risk into categories, such as financial risk, operational risk, strategic risk, or reputation risk.

A

Risk classification

7
Q

The method of recognizing possible threats and opportunities.

A

Risk identification

8
Q

The amount of risk an organization is willing to accept in pursuit of value.

A

Risk appetite

9
Q

The identification of risk, the measurement of risk, and the process of prioritizing risk (considering likelihood and impact) or selecting alternatives based on risk.

A

Risk assessment

10
Q

The risk remaining after management takes action to reduce the impact and likelihood of an adverse event, including control activities in responding to a risk.

A

Residual risk

11
Q

The identification of risk, the measurement of risk, and the process of prioritizing risk or selecting alternatives based on risk.

A

Risk analysis

12
Q

As related to risk, an uncertain event with a positive consequence.

A

Opportunity

13
Q

The type of risk found throughout the environment.

A

Pervasive risk

14
Q

Limitations of risk management, control, and governance related to human judgment, resource limitations, and the need to balance the costs of controls in relation to expected benefits.

A

Inherent limitations

15
Q

The risk derived from the environment without the mitigating effects of internal controls.

A

Inherent risk

16
Q

The policies, procedures (both manual and automated), and activities that are part of a control framework, designed and operated to ensure that risks are contained within the level that an organization is willing to accept.

A

Control processes

17
Q

A structured, consistent, and continuous process across the whole organization for identifying, assessing, deciding on responses to, and reporting on opportunities and threats that affect the achievement of its objectives.

A

Enterprise risk management (ERM)

18
Q

A condition that warrants attention as a potential or real shortcoming that leaves the organization excessively at risk.

A

Control deficiency

19
Q

The attitude and actions of the board and management regarding the importance of control within the organization; provides the discipline and structure for the achievement of the primary objectives of the system of internal control.

A

Control environment

20
Q

The comparison of an organization or project to similar internal or external organizations or projects, for the purpose of determining areas for potential improvement and to identify best practices. May also be used to assess likelihood and impact of potential events across an industry.

A

Benchmarking

21
Q

The conformity and adherence to policies, plans, procedures, laws, regulations, contracts, or other requirements.

A

Compliance

22
Q

A risk level derived from an organization’s legal and regulatory compliance responsibilities, its threat profile, and its business drivers and impacts.

A

Acceptable risk level

23
Q

A level of control that is present if management has planned and organized in a manner that provides reasonable assurance that the organization’s risks have been managed effectively and that the organization’s goals and objectives will be achieved efficiently and economically.

A

Adequate control

24
Q

The risk derived from the environment without the mitigating effects of internal controls.

A

Absolute risk

25
Q

A type of risk that revolves around the business impact that would be experienced if certain risks were realized.

A

Acceptable risk