Download PrepIQ Kansas Standard Journeyman Electrician 558KS Contractor Ultimate Exam and more Exams Technology in PDF only on Docsity!
Electrician 558KS Contractor Ultimate Exam
Question 1. Which of the following best describes the primary purpose of ISO 31000 in an organization’s risk management framework? A) To prescribe specific risk mitigation techniques for every industry B) To provide principles, a framework, and a process for managing risk C) To replace internal audit functions entirely D) To dictate financial reporting standards Answer: B Explanation: ISO 31000 offers generic principles, a framework, and a process for managing risk, applicable across industries, without prescribing specific controls. Question 2. In the COSO ERM model, which component directly links risk assessment to strategy setting? A) Control Activities B) Information & Communication C) Risk Assessment D) Monitoring Answer: C Explanation: The Risk Assessment component evaluates risks that could affect strategy, ensuring that risk considerations influence strategic decisions. Question 3. What is the key distinction between risk appetite and risk tolerance? A) Appetite is qualitative; tolerance is quantitative B) Appetite defines the amount of risk an organization is willing to accept; tolerance defines the acceptable variance around that appetite C) Appetite applies only to financial risk, tolerance to operational risk D) There is no difference; the terms are interchangeable Answer: B
Electrician 558KS Contractor Ultimate Exam
Explanation: Risk appetite is the overall level of risk an organization is prepared to accept, while risk tolerance sets the acceptable deviation from that appetite for specific risks. Question 4. Which statement best reflects the “tone at the top” concept in risk governance? A) It is the responsibility of the middle management to enforce policies B) It refers to the ethical climate and risk attitudes set by senior leadership C) It is a regulatory requirement for all public companies D) It only concerns financial reporting accuracy Answer: B Explanation: “Tone at the top” describes the influence senior leaders have on the organization’s ethical standards and risk culture. Question 5. In the Three Lines of Defense model, which line is primarily responsible for designing and implementing controls? A) First Line – Operational Management B) Second Line – Risk Management & Compliance C) Third Line – Internal Audit D) Fourth Line – External Auditors Answer: A Explanation: The first line (operational management) owns and executes processes, designing and applying controls daily. Question 6. Which of the following is NOT a typical element of a board-level risk dashboard? A) Heat-map of risk severity B) Detailed daily transaction logs C) Key Risk Indicators (KRIs) trends D) Risk appetite versus actual exposure
Electrician 558KS Contractor Ultimate Exam
D) Significant consequences for the organization Answer: B Explanation: Black Swan events are inherently unpredictable and cannot be reliably forecasted from past data. Question 10. In qualitative risk analysis, a “5-point Likelihood scale” typically ranges from: A) 0% to 100% probability B) Rare to Almost Certain C) 1 to 5 monetary units D) Low to Critical impact Answer: B Explanation: Qualitative scales often label likelihood levels such as Rare, Unlikely, Possible, Likely, and Almost Certain. Question 11. Expected Monetary Value (EMV) is calculated by: A) Multiplying probability of occurrence by the cost of mitigation B) Adding all possible loss amounts together C) Multiplying each outcome’s probability by its monetary impact and summing the results D) Dividing total risk exposure by the number of risk events Answer: C Explanation: EMV = Σ (Probability × Impact) for each scenario, providing an average expected loss. Question 12. Monte Carlo simulation primarily helps risk analysts to: A) Identify root causes of failures
Electrician 558KS Contractor Ultimate Exam
B) Generate a probability distribution of outcomes based on random variable sampling C) Conduct a qualitative risk ranking D) Perform a cost-benefit analysis of controls Answer: B Explanation: Monte Carlo uses random sampling to model the probability distribution of complex risk outcomes. Question 13. In a Business Impact Analysis (BIA), the term “Recovery Time Objective (RTO)” refers to: A) The maximum acceptable downtime for a critical process B) The total cost to recover from a disruption C) The probability of a disruption occurring D) The time required to develop a new business strategy Answer: A Explanation: RTO defines the target time within which a business process must be restored after a disruption. Question 14. When documenting a risk register, the “inherent risk” rating differs from “residual risk” because: A) Inherent risk includes the effect of existing controls, residual does not B) Residual risk is the risk remaining after controls are applied, inherent is before controls C) Both are identical; the terms are interchangeable D) Inherent risk is always higher than residual risk by a fixed factor Answer: B Explanation: Inherent risk is the raw exposure before any controls; residual risk is what remains after controls are in place.
Electrician 558KS Contractor Ultimate Exam
Question 18. Which credit risk mitigation technique involves offsetting exposures between two counterparties to reduce net exposure? A) Collateral posting B) Credit default swap C) Netting agreement D) Sub-prime lending Answer: C Explanation: Netting agreements allow counterparties to consolidate multiple obligations, reducing net exposure. Question 19. In liquidity risk management, the term “Funding Liquidity Ratio” measures: A) The proportion of short-term assets to short-term liabilities B) The percentage of cash reserves held in foreign currency C) The ratio of cash inflows to cash outflows over a year D) The amount of capital allocated to market risk Answer: A Explanation: Funding Liquidity Ratio assesses an organization’s ability to meet short-term obligations with liquid assets. Question 20. Value at Risk (VaR) is best described as: A) The maximum loss that will never be exceeded B) The loss that will not be exceeded with a given confidence level over a specific time horizon C) The average loss over all scenarios D) The amount of capital required for regulatory compliance Answer: B
Electrician 558KS Contractor Ultimate Exam
Explanation: VaR estimates the threshold loss not expected to be exceeded with a set confidence (e.g., 95%) over a defined period. Question 21. Stress testing differs from VaR primarily because: A) Stress testing uses historical data only B) Stress testing evaluates the impact of extreme, hypothetical scenarios beyond normal market conditions C) VaR is qualitative, stress testing is quantitative D) Stress testing calculates expected loss while VaR does not Answer: B Explanation: Stress testing examines the effect of severe, often unlikely scenarios to assess resilience, whereas VaR focuses on typical market fluctuations. Question 22. Asset-Liability Management (ALM) in treasury primarily aims to: A) Maximize short-term profit from trading B) Align the maturities and cash flows of assets and liabilities to control interest rate risk C) Reduce operational costs through automation D) Increase the number of financial products offered Answer: B Explanation: ALM coordinates asset and liability cash flows to manage interest rate and liquidity risks. Question 23. Which of the following is a common internal fraud indicator? A) Sudden increase in sales volume B) Unexplained manual adjustments to financial records C) Consistent on-time project delivery D) Low employee turnover
Electrician 558KS Contractor Ultimate Exam
Answer: B Explanation: GDPR grants individuals the right to request deletion of personal data (“right to be forgotten”). Question 27. A third-party vendor risk assessment should include evaluation of: A) Vendor’s brand logo design B) The vendor’s financial stability, security controls, and regulatory compliance C) The vendor’s office location only D) The vendor’s social media followers Answer: B Explanation: Comprehensive vendor risk assessments examine financial health, security posture, and compliance status. Question 28. Business Continuity Planning (BCP) differs from Disaster Recovery (DR) primarily in: A) BCP focuses on maintaining essential business functions during a disruption, while DR focuses on restoring IT systems after a disaster B.1) BCP is only for natural disasters, DR is for cyber attacks C) DR includes employee communication plans, BCP does not D) There is no difference; they are interchangeable Answer: A Explanation: BCP ensures continuity of critical operations; DR is a subset that restores technology infrastructure. Question 29. ACH (Automated Clearing House) transaction risk is most associated with: A) Currency conversion errors B) Duplicate or unauthorized debits/credits due to processing errors or fraud
Electrician 558KS Contractor Ultimate Exam
C) Physical theft of cash D.1) Incorrect tax filing Answer: B Explanation: ACH risk includes unauthorized or erroneous electronic fund transfers. Question 30. In digital identity verification for online account opening, which technique provides the highest assurance level? A) Knowledge-based authentication (KBA) questions B.1) Biometric verification (e.g., facial recognition) combined with document validation C) Email verification link D) Phone number OTP Answer: B Explanation: Biometric verification plus document validation offers strong identity proofing compared to knowledge-based methods. Question 31. Which of the following is a primary objective of Anti-Money Laundering (AML) regulations? A) To increase bank profitability B) To detect, prevent, and report suspicious transactions that may involve illicit funds C) To regulate interest rates D) To standardize loan underwriting criteria Answer: B Explanation: AML laws aim to stop the flow of illicit money by requiring detection and reporting of suspicious activity.
Electrician 558KS Contractor Ultimate Exam
Question 35. A “trigger” in a KRI monitoring system is: A) A mandatory training session for staff B) A predefined threshold that, when breached, initiates an escalation or response process C.1) The name of a risk owner D) A financial audit report Answer: B Explanation: Triggers are threshold levels that, when crossed, prompt alerts and actions. Question 36. Continuous monitoring of the control environment typically relies on: A.1) Periodic manual inspections only B) Automated data analytics, real-time dashboards, and periodic testing C) Annual board meetings D) External audit reports Answer: B Explanation: Ongoing monitoring uses technology and analytics to detect control failures promptly. Question 37. A root cause analysis (RCA) after an incident primarily aims to: A.1) Assign blame to individuals B) Identify underlying systemic factors that led to the event to prevent recurrence C) Calculate financial loss only D) Update marketing materials Answer: B
Electrician 558KS Contractor Ultimate Exam
Explanation: RCA seeks systemic causes to improve processes and avoid repeat incidents. Question 38. Which communication method is most effective for delivering risk information to senior executives? A) Detailed technical memos with jargon B) Concise executive summaries with visual risk heat-maps and key metrics C.1) Social media posts D) Long-form newsletters Answer: B Explanation: Executives prefer high-level summaries with visual aids highlighting critical risk data. Question 39. In the context of regulatory compliance, a “material breach” is defined as: A) Any deviation from internal policies, regardless of impact B.1) A violation that could affect the organization’s financial statements or stakeholder decisions significantly C) A minor filing delay D) A breach of personal email etiquette Answer: B Explanation: Material breaches have significant financial or reputational consequences and must be reported. Question 40. Which of the following best illustrates a “risk-adjusted return” concept? A) Return on assets (ROA) without considering risk B) Return on capital (ROC) multiplied by a risk factor such as volatility or VaR C.1) Net profit margin only D) Gross revenue
Electrician 558KS Contractor Ultimate Exam
C) Monetary values in dollars D) Time durations Answer: B Explanation: Qualitative matrices use descriptive likelihood categories. Question 44. In a risk register, the field “owner” refers to: A) The person who created the register B.1) The individual accountable for managing the specific risk C) The external auditor D) The regulatory agency Answer: B Explanation: The risk owner is responsible for overseeing mitigation and monitoring of the risk. Question 45. Sensitivity analysis in quantitative risk modeling helps to: A.1) Determine how changes in input variables affect the output (e.g., EMV) B) Create a visual risk heat-map C) Replace the need for Monte Carlo simulation D) Set the organization’s risk appetite Answer: A Explanation: Sensitivity analysis isolates the impact of varying assumptions on model results. Question 46. Which of the following best describes “operational risk” in a banking context? A) Risk from changes in interest rates only B.1) Risk of loss resulting from inadequate or failed internal processes, people, systems, or external events
Electrician 558KS Contractor Ultimate Exam
C) Risk related solely to credit defaults D) Market price volatility Answer: B Explanation: Operational risk encompasses process, people, system failures, and external events. Question 47. A “control self-assessment” typically includes: A.1) Evaluation of control design and operating effectiveness by the owners of the control B) External audit of financial statements C) Development of new business strategies D) Marketing campaign analysis Answer: A Explanation: Control self-assessment is an internal review by those responsible for the controls. Question 48. Which of the following is an example of a “risk transfer” technique? A) Implementing a new firewall B.1) Purchasing cyber-insurance to cover potential data breach losses C) Conducting employee training D) Redesigning a workflow Answer: B Explanation: Insurance shifts the financial impact of a risk to the insurer. Question 49. The primary purpose of a “risk heat-map” is to: A.1) Visually prioritize risks by combining likelihood and impact into a color-coded matrix
Electrician 558KS Contractor Ultimate Exam
B) A list of all past incidents C) Detailed audit findings D) Employee performance metrics Answer: A Explanation: The statement defines the amount and type of risk an organization is willing to accept. Question 53. Which regulatory framework specifically addresses financial institutions’ risk management and capital adequacy? A) ISO 31000 B.1) Basel III C) GDPR D) COSO Answer: B Explanation: Basel III sets capital, liquidity, and risk management standards for banks. Question 54. In a “scenario analysis” for operational risk, the analyst typically: A.1) Describes a plausible adverse event, assesses its impact, and estimates potential loss B) Calculates VaR for market risk C) Determines credit scores for borrowers D) Designs a new IT system Answer: A Explanation: Scenario analysis builds detailed narratives of adverse events to gauge impact. Question 55. Which of the following best illustrates “risk avoidance”?
Electrician 558KS Contractor Ultimate Exam
A.1) Deciding not to launch a new product line because the market is highly volatile B) Purchasing insurance for a high-risk activity C) Implementing stronger access controls D) Sharing risk with a partner Answer: A Explanation: Avoidance eliminates exposure by not engaging in the risky activity. Question 56. A “risk-adjusted performance metric” such as RAROC (Risk-Adjusted Return on Capital) is used to: A) Measure profit without considering risk B.1) Evaluate returns relative to the amount of risk capital allocated, facilitating better risk-aware decision making C) Calculate tax liability D) Rank employees Answer: B Explanation: RAROC compares returns to risk-adjusted capital, integrating risk into performance assessment. Question 57. Which of the following is an example of a “control activity” in the COSO framework? A.1) Segregation of duties in payment processing B) Setting the organization’s mission statement C) Conducting a market analysis D) Publishing annual financial statements Answer: A Explanation: Segregation of duties is a classic control activity to prevent errors and fraud.
