Enterprise Risk Management D368 WGU

A financial institution is willing to offer loans to people and companies who do not qualify for loans from competing financial institutions because of their low credit ratings. By doing so, the institution takes on more credit risk than its competitors. How does this financial institution compare with its competitors in terms of risk management?

It has a higher risk tolerance.

A company underwent a bankruptcy reorganization during a pandemic because the company was unable to remain solvent. How should the company account for black swan events in risk management in the future?

By including a weighting for various black swan events in key risk indicators

A governmental department has noticed that oversight of contract allocations to private contractors is increasingly failing audits. The heads of the governmental department benefit financially when contracts are allocated, and the organization’s budget growth is dependent on a continued increase in contract allocations. How should the organization adjust structurally to remedy this compliance risk?

By building risk awareness into directors' performance goals

A company has experienced a data breach that resulted in the dissemination of trade secret information. Executives have diagnosed the source of the breach to be human error and must update the company’s risk mitigation protocol. How should the company reduce its risk?

Add a secondary control procedure to the source of the breach

A wood furniture manufacturer has created a risk management profile that specifies risk criteria for climate change. Due to changing weather conditions, timber prices have risen and transport costs increased, while consumer spending on durable home goods has decreased. Which aspect of the risk management profile should the manufacturer adjust, given this change?

Procurement cost risk

A pharmaceutical company violated the company’s risk management protocols and federal regulations regarding the advertising and promotion of pain medication. This violation led to many patients facing physical ailments, dependency, or death. What should the relationship be between court-imposed penalties and violations?

Sufficiently punitive to prevent future offenses

A semiconductor manufacturing company has been reducing the amount of debt it takes to fund its capital structure. As a result, there is a reduction in debt service and risk from the debt. Soon, the regulatory burden on the company is expected to decrease due to a change in government policy. How will this affect the company's approach to manage its risks going forward, assuming other factors affecting the company's risk-taking capacity remain constant?

The company will be able to invest in more risky projects as the financial leverage of the company has decreased.

An organization operates in a highly competitive environment that is continuously changing because of technological advancements and regulatory changes. Despite market challenges, the management is tasked with innovating and adapting while mitigating risks. Consequently, the management is assessing employee risk tolerance and aligning company goals with market conditions. What does this scenario reflect about the company's risk tolerance capacity?

The company maintains a balanced risk management strategy.

A pharmaceutical manufacturer is facing production inefficiencies, quality control issues, and a loss of skilled employees to competitors. Analysis reveals the company's outdated technology to be the reason behind the company's decline. What does the use of outdated manufacturing technology exemplify in this scenario?

Risk driver

A shoe manufacturer faces frequent equipment breakdowns, resulting in a significant increase in costs due to equipment downtime. To address this, the company plans to purchase equipment breakdown insurance this year. Which risk management strategy is the company implementing?

Risk transfer

A consumer products and packaging company is developing risk criteria as procedural rules for analyzing and evaluating the significance of risk. What is the key element that the company should consider?

Internal guidelines for accepting specific risks as well as overall risks

Multiple subsidiaries report to a chief financial officer (CFO) of a parent company and adopt international financial reporting standards (IFRS) across reports but vary in using cash or accrual methods. The company’s 10-K statement shows revenue adjustments, resulting in the volatility of stock prices in secondary markets. Which action should the chief risk officer (CRO) implement to remedy the company’s risk management problem?

Requiring regular internal audits and using consistent accounting methods

A board of directors noticed a company stock price has declined, following low operational efficiency and frequent personnel turnover. The board determines that the source of the error was a failure to adhere to safety regulations and wants to reevaluate the company’s risk management plan. What should the board of directors ask the chief financial officer to do to assist with addressing this problem?

Compare costs of noncompliance with financial benefits of meeting standards

A multinational company has undergone a bankruptcy reorganization due to prior mismanagement of risks that caused the company’s insolvency. The company’s board of directors has hired a new chief risk officer (CRO) to handle ongoing operations risk management. What is the priority for the CRO regarding ongoing company operations?

Residual risk after risk treatment implementation

A company’s chief financial officer (CFO) is responsible for enterprise risk management in a small manufacturing business. The CFO appropriates capital to crisis preparedness and is tasked with creating an optimal budget for enterprise capital and risk management requirements. Which aspect of the business should the CFO balance crisis preparedness costs against?

Operating objectives

An appliance company produces several kinds of machines for home and industrial use and has an overarching risk management document that encompasses all product lines. The company wants to ensure that risk mitigation protocols are tailored to each product’s production. Which method of ongoing quality control for the company’s risk management document should the company implement?

Periodic review by each business unit

A footwear and apparel manufacturing company plans to launch a few new products in emerging Asian markets. The board has tasked the chief risk officer (CRO) with assessing the emerging risks and strategic and operational uncertainties that cannot be quantified. Which role is the CRO playing in this scenario?

Strategic adviser

A company deploys a new online payment platform. However, industry experts highlight potential vulnerabilities in the system's digital security framework, which quickly escalate to become the top risk management issue. What is the role of the board of directors in managing risks of this nature?

To promote a risk-aware culture and align risk management processes with the business strategy

A company is expanding into autonomous drone delivery services, which brings new risks—from regulatory compliance to operational safety. The company's internal audit function will facilitate the management of these new risks. Which role is appropriate for the internal audit function in this scenario?

Evaluating risk management processes

After the discovery of mismanagement of appropriations, a government agency wants to implement an ERM framework. The senior management wants to increase the chances of success of the ERM program as a process that adds value and enhances decision-making. Which approach should the senior management of the agency adopt to accomplish this?

Encourage a cultural shift where risk management is integral to the operational processes

During labor negotiations, a government agency is facing the risk of potential strikes and workforce disruptions. The agency's head forms a risk management committee comprised of cross-departmental leaders to help discuss the implications of the labor dispute and assess the risk-reward trade-offs of various negotiation strategies. What is the role of the risk management committee in this scenario?

To provide the agency head with updates or information concerning the labor dispute

What is classified as risk for policy purposes when using the International Organization for Standardization 31000 (ISO 31000) Enterprise Risk Management (ERM) framework?

The effect of uncertainty on objectives

Which principle of Control Objectives for Information and Related Technologies (COBIT) aligns standards within an organization?

Applying a single integrated framework

Which ERM framework deems value creation and protection as the objective of risk management?

ISO 31000

Which principle of Control Objectives for Information and Related Technologies (COBIT) creates an all-inclusive strategy for IT governance and management?

Enabling a holistic approach

An innovative tech company that operates in a rapidly evolving industry has adopted the ISO 31000:2018 framework. To stay aligned with the changing industry landscape, the company continuously monitors its external and internal contexts to keep up with the risks as they appear and disappear. Which principle from ISO 31000:2018 is the company focusing on?

Dynamic

While planning for international expansion, a company identifies the need to design its risk management approach aligned with the ISO 31000:2018 framework. The management wants to foster an environment where all team members feel empowered to contribute to risk management and to integrate these ideals into the company's operational ethos. What should the management do when designing the ERM framework to accomplish this?

Clearly define and communicate the responsibilities and authorities given to people across the organization to manage risk

A company that operates in a quickly evolving industry has adopted ISO 31000. To implement the ISO framework principles, the company has built a dynamic ERM program that not only tracks changing and evolving risks but also aims for continual improvement. Which component of the COSO ERM framework emphasizes a similar approach as these principles of the ISO 31000 framework?

Review and revision

A company that follows a remote work model logs each attempt to access the company's server. The IT department closely monitors the log to identify any unauthorized access to the server. Which type of control does this scenario exemplify?

Detective control

A computer chip manufacturing company evaluates its accounts receivable and credit policies to see if they align well with its ability to take risks. The finance department recognizes the importance of balancing sales growth with the risk of bad debts.What should the company's objective be when deciding on updates to the policies?

Accepting a certain level of bad debts to mitigate the risk of sales constraints

Which scenario illustrates a company's effective communication of its risk stance to its stakeholders?

A financial institution issuing a statement rejecting speculative positions in market trading

While trying to embed ERM into its operational framework, a retail company encounters resistance from staff who perceive ERM as merely an increase in administrative tasks. This impedes the successful ERM implementation in the company. What is one way for the company to effectively change staff perceptions and enhance the value of ERM within the company?

Organize risk workshops with interactive elements focused on solving real business problems

The executives of a mobile application development company want to make a strategic decision about whether to proceed with the acquisition of a popular messaging app. To leverage risk management for making this decision, the executives assign a team of risk specialists to create a decision document. What should this decision document contain?

The key findings and insights

A company's board has delegated risk oversight to a risk oversight committee. The committee regularly updates the full board on significant changes in the company's risk profile. Which action by the risk oversight committee will enable it to fulfill its role effectively?

Keeping communication channels with ERM leaders open for reporting emerging risks

A telecom company that is developing and implementing an ERM program conducts a scenario planning exercise focusing on evolving consumer needs and behaviors. How can the company effectively integrate its ERM efforts with the scenario planning exercise?

By incorporating the risk insights from the ERM program into scenario planning

A company's new chief risk officer (CRO) finds that each month-end, their department is occupied with compiling and sending reports to the management. Inquiry reveals that with every new management, reporting requirements change, leading to a gradual accumulation of reports that are expected but often left unread. Which action by the CRO demonstrates effective risk management in this scenario?

Identifying unnecessary reports and eliminating them to ensure that the remaining reports are relevant and useful

A global investment firm hires a consultant to evaluate its risk management processes. The consultant advises that although the firm has rigorous risk management practices, the firm is susceptible if there is an economic downturn, as it is not equipped to handle market volatility and liquidity challenges beyond its control. What should the firm do to prepare itself should such a situation arise in the future?

Develop the capability to quickly realign the organization's resources

A company has an opportunity to expand its operation to either Country A or Country B. The executive team has collected relevant information about the risks and opportunities offered by each country and must decide on one of them. How will focused scenario planning help decision-making in this case?

It will enable the analysis of one country at a time and allow for a deeper understanding of the specific context and factors.

A renewable energy company is planning a significant expansion into a new market. The management requires a comprehensive decision report that covers associated uncertainties, risks, and potential benefits. The report should also identify critical issues that must be addressed. How should the company structure its decision report to align with management's requirements?

Include the probability of meeting targets and key risks and opportunities that could impact performance

A sustainable energy company has been invited to build and install a large solar farm in another country. It is a great opportunity for the company to grow its business. At the same time, it is also risky because it is a long-term investment spanning 25–30 years and the local geopolitical environment is not stable. Which risk assessment technique will be specifically useful for the company in this case?

Scenario planning

A financial software provider identifies security breaches due to outdated client transaction systems. The software provider adopts a strategy of regularly updating its systems to fix identified security flaws, based on the analysis of past breaches. Which cybersecurity control aligns with the software provider's approach?

Patch management

An insurance company relies on a third-party vendor to manage its payroll services. Despite the convenience, the company is aware of potential security threats, such as the addition of ghost employees or the redirection of funds by hackers. Which measure should the company implement to mitigate risks associated with outsourcing payroll?

Implement detailed reconciliation of payroll reports with internal records

A multinational corporation is expanding into new markets, increasing its exposure to various risks, such as geopolitical instability, currency fluctuations, and supply chain disruptions. The company seeks a holistic approach to align strategic objectives, track performance across different dimensions, and proactively integrate risk management to identify and mitigate risks. Which tool should this corporation implement to align strategic objectives and manage risks effectively?

Balanced scorecard

A tech firm is reviewing its long-term growth strategies to ensure sustained profitability. The strategic planning committee has identified several opportunities, including expanding into emerging markets, developing a new line of consumer electronics, and partnering with a global e-commerce giant. To ensure a well-informed decision, the committee wants to visualize and assess all possible threats associated with each opportunity. Which tool should the strategic planning committee use for this purpose?

Risk map

A construction company is planning to undertake a major infrastructure project that involves significant financial investments and operational risks. It is considering purchasing insurance to protect against potential losses and liabilities associated with the project. How does the company benefit from purchasing insurance for its infrastructure project?

By transferring the financial burden of potential losses to the insurance company

A company is using scenario planning to mitigate the risk of supply chain disruption to its profitability. The company wants to quantify risk by assessing the impact of manageable supply chain disruptions and extrapolating a compounding of risk into the future. Which costs are necessary to quantify for an accurate risk assessment?

Opportunity cost of missed sales and the cost of storing reserve inventory

A publicly traded company's stock price faces significant systematic risk and is subject to heavy declines in a market correction. The company sets aside funds to repurchase stock in the event of significant declines. Which cost should the company assess regarding a prolonged market correction?

The cost of deploying excessive capital

A company is using scenario planning to test the company's solvency during global military conflict while interest rates are falling and raw materials necessary for production are scarce. The company also wants to run this scenario relative to changing consumer trends and market participant behavior. Which problem will executives face in accurately assessing risk?

The contextual environment is too complex to yield useful conclusions.

A company lacks access to intellectual property licenses for important technological developments that are necessary for maintaining market share. The company now needs to figure out ways to invest in growth to bypass the risk innovation poses to its capital structure. Which aspect of value creation and protection does the company need to improve?

Maintaining an evolving, dynamic risk plan

A retail bank has a cybersecurity system that ensures each branch complies with maintaining client information privacy. Bank employees access client information on company-owned laptops situated throughout the branch. Which types of risk controls does the bank need to reinforce to ensure client information is seen only by authorized employees?

Authentication controls

A company has had six profitable months in financial investments. The CFO thinks that the company has had good luck for quite some time and is now due for failure and, consequently, makes overtly conservative financial decisions. Which probability bias is the CFO exhibiting?

Gambler's fallacy

A risk officer organizes a black swan workshop. During the workshop, participants engage in a thought experiment wherein they imagine unlikely hypothetical scenarios and are encouraged to think beyond the obvious. What is one advantage of such workshops?

They help in preparing to plan for unforeseen and unpredictable risks.

A manager has been asked to facilitate a risk workshop. The manager is concerned that the participants might lose interest after some time and the discussion might stall. Which tip should the manager follow to keep the discussion going?

Avoid encouraging lengthy descriptions of the underlying theories

After completing a risk assessment, a company's chief risk officer (CRO) plots the risk on a risk map. How does this method benefit the risk management process?

It improves the focus on and management of major risks.

A toy manufacturing company has developed a business continuity plan in which the roles of all the managers are clearly defined should the need to implement the plan arise.Which scenario will compel the company to put this plan into action?

A factory being hit by a hurricane and sustaining extensive damage

The founders of a beverage company were asked by executives to participate in a risk workshop on consumer taste changes. The founders created the company based on offering popular drinks the founders enjoyed in childhood, and the founders have struggled to approve the addition of new products. How can the founders apply the workshop to improve the company’s growth strategy?

By overcoming cognitive bias that interferes with effective decision-making

A chief risk officer (CRO) has planned a decision-making workshop regarding the company’s response to a sudden set of risks that require quick action. The risks include new competitors in the industry and the company’s business model sustainability. How should this workshop differ from other risk workshops the company may run?

By having a tighter agenda and an active facilitator role addressing risk strategy

A company has seen product price deflation driven by a sudden oversupply in the company’s main raw materials. Executives have recommended shutting down production to save on costs, even though restarting production could be a year-long process before profitability is possible. What should the company’s risk management officer consider when creating a risk mitigation plan in this scenario?

That risks can change or disappear as the external environment changes.

A chief financial officer (CFO) has allocated a budget for risk mitigation to the most critical risks facing an organization. The organization has limited funds available for risk mitigation and must allocate funds based on likelihood and probability of a risk occurring. What should the board of directors notice about this risk mitigation approach?

The CFO has failed to assess the impact of less likely risks that may be catastrophic.

A company plans to expand its product line and enter a new market. The risk management team has been tasked with conducting a new strategic risk assessment for the expansion. What does this imply for the information requirement for conducting the risk assessment?

The incremental information requirement will materially increase.

The government of a developing country has proposed a new law that will effectively prevent debt obligations from being paid in a timely fashion. Which risk will the organization assess in response to this proposal?

Sovereign risk

A packaged food company plans the launch of a line of beverages. However, market research shows that overall consumer confidence has declined for the past four months because of rising unemployment. Which type of risk will the company face if it decides to launch the new product line at this time?

Economic risk

An American company that operates in a foreign country experiences a drop in its revenue when the host country doubles the taxes for foreign-owned businesses. This leads to a cash flow problem, and the company is unable to meet its financial obligations. Which type of risk has materialized in the scenario?

Sovereign risk

Which type of risk mitigation can a company utilize in response to the impact of changes in equity prices?

Market risk

A publicly traded software company that develops innovative software solutions is planning to expand into new markets. However, a sudden announcement of a breakthrough technology by a competitor causes a significant drop in the company's stock values as the investors lose confidence in its future profitability. This adversely impacts the company's ability to raise capital and causes a cash flow crunch. Which type of risk has materialized in this scenario?

Equity price risk

A company wants to actively manage market risk so that it can adjust its pricing, marketing strategies, and investment plans to market changes. The company's executive managers want to implement a process to monitor market movements that indicate imminent changes in market conditions. Which action will help the company accomplish this?

Measuring the correlation of price changes

An American financial institution invested in an overseas manufacturing company and wants to ensure that it stays informed if the company shows early signs of becoming a credit risk. What would be an early indication of credit risk?

The company's payment cycle doubling from 30 days to 60 days without an explanation

Which type of insurance product protects an organization against loss of revenue from closure due to a public health crisis?

Business interruption insurance

A financial institution that maintains digital records of customer information and financial transactions wants to mitigate cybersecurity risks, so it buys cybersecurity insurance. Which risk mitigation approach has the institution used in this scenario?

Transferring risk

A company tasks its risk manager with assessing the risk exposure associated with allowing employees to connect external USB drives and personal smartphones to office computers. Based on the assessment, the company established policies that explicitly prohibit employees from using USB drives or their personal smartphones on the company's premises or network. Which approach to risk mitigation does this scenario describe?

Avoiding risk

A medical device company manufacturing devices for testing blood sugar through collecting blood has seen steady decreases in sales over two years. Management has discovered that other companies use patented technology for testing without puncturing through skin. The company currently focuses on current product line marketing as it is a leader in the blood sugar testing market. How should management instead reassess the company’s approach to risk?

By increasing risk appetite by pursuing innovative product ideas

A company is determining the profitability likelihood of new production equipment in a manufacturing plant. The equipment is novel, and this is the first time that several machines will be used together in an interconnected manner. The company’s risk assessment regarding this equipment seeks to address this new operational setup. Which element should a risk manager consider when assigning risk criteria to this setup?

The uncertainty of how the new apparatus functions in this new manner

A governmental organization has two conflicting mandates that require risk mitigation and dual implementation. Fully satisfying one mandate necessitates the inability to satisfy the other mandate. How should this governmental organization create a risk management plan to manage the mandates?

By creating a solution segmenting competing objectives by liability exposure

A manufacturing company is updating the company’s risk statement due to expanding and adding new products into production. What strategy is appropriate for the risk management team to use during this process?

An enterprise-wide view on company activities

A congressional committee has noticed increased operational loss reporting and Chapter 11 bankruptcy reorganizations by companies due to environmental disasters. Which risk management adjustment should this committee suggest that companies implement?

Embedding climate risk monitoring into governance frameworks

The chief risk officer (CRO) of a company developing an ERM program believes that embedding risk management into the company's culture and philosophy is essential for the program's success. However, some division heads believe that this is unnecessary for ERM success. Which argument should the CRO present to these division heads to secure their support for embedding risk management into the company's culture and philosophy?

"Risk management will enable people to proactively deal with adverse events and take action before these events occur."

A consumer goods manufacturer plans to expand its production plant to meet growing demands, which requires new production lines and infrastructure updates. The project management team opts to assess and analyze project risks using ordinal scales to select potential risk treatments. What does this scenario exemplify?

Risk criteria

A company has been incurring heavy losses from bad debts in recent years. As a result, the company has decided to limit the percentage of credit sales from the next quarter. Which strategy has this company implemented to mitigate the bad debt risk?

Risk reduction

A company is in the process of aligning operational risk management with enterprise risk management. What is a key performance management element that needs to be clearly articulated to the personnel to achieve this?

Risk tolerance

One of the processes in an organization's annual business planning cycle is having decision-makers communicate key risks to the people who are accountable for those risks. To do this, the decision-makers employ a communication tool. This tool also aids in strategic planning by giving a current perspective on the organization's opportunities and threats. Which tool are the decision-makers using?

Risk profile

A life insurance company notices that term policies in certain markets were paid out to the insured’s beneficiaries significantly more than in other markets. The company is legally obligated to have a uniform underwriting procedure for all insured per each term policy product. Which suggested action should appear in the company’s risk tolerance analysis?

Refining methods used to aggregate and diversify levels of risk

A company’s chief financial officer (CFO) is tasked with reevaluating the company’s debt risk due to recent central bank monetary policy changes. As a result, the CFO has increased the company’s risk tolerance as the central bank has announced a pause in interest rate hikes. What is one risk the CFO should account for when increasing risk tolerance in this area?

Exposure to financing cost increases should interest rates increase

A company committed waste disposal violations that were negatively reported on national news. The adverse effect on the company's sales was severe, and the board of directors immediately assessed the quality of the company's risk management plan. How should the board of directors address the company's reputation risk within the company's risk management plan?

By adjusting risk criteria to accurately reflect public image risk

A company created a risk mitigation plan for a newly acquired service that it offers. The service is complex in nature, requiring additional staff and oversight. How should the board of directors properly handle this risk management plan?

By delegating responsibility to a specialized subcommittee

A company’s board of directors decided to appoint a risk management committee to supervise risk management for a specialized subset of company services. How does the board ensure that the committee properly oversees risk management implementation?

By selecting members with sufficient expertise and experience

An online ticket sales company’s net free cash flow has been decreasing yearly for the past five years as competitors have increased sales in this technology space. The chief financial officer (CFO) acts as the company’s risk management planner and must report to the board of directors regarding a mitigation plan to address this problem. How should the CFO correctly measure hazards to cash flow in a risk assessment?

By redefining the risk criteria for market share loss

A company incurs heavy losses after the chief financial officer (CFO) makes risky investments because of the lucrative incentive package tied to investment performance. An inquiry reveals that because of inadequate risk mitigation measures, the compensation committee signed off on incentive packages for the chief executive officer (CEO) and the CFO that were not aligned with the company's risk appetite. Who is ultimately responsible for this failure to monitor the ERM program?

The full board

As a result of regulatory changes and growing operational complexities, a company places pressure on its audit committee to take over the ERM oversight. The audit committee responds by saying that it already has a substantial workload because of the Sarbanes–Oxley (SOX) Act compliance and that its primary focus is on financial reporting. Which action should the board take to ensure effective oversight of risk?

Establish a separate risk committee dedicated to ERM oversight

As part of its global expansion strategy, a company must deal with complex international content distribution regulations. To navigate this, the chief risk officer (CRO) formalizes and implements a risk policy framework with periodic endorsements by the board and a senior executive. Which role is the CRO playing in this scenario?

Compliance champion

A small company with a relatively flat hierarchy is considering developing a risk management program. The company's management is trying to determine a suitable person to lead the ERM effort. Why should the company consider the chief financial officer (CFO) for this role?

The CFO provides a broad understanding of the organization's key performance drivers in assessing financial risks.

A company has reported a significant net earnings loss because of continuous inflation in commodity costs relevant to production. The company failed to predict macroeconomic changes, despite having sufficient excess free capital when inflation was low and commodity prices were suppressed. Which remedy to the errors in the company’s risk management planning process will mitigate subsequent earnings losses?

Performing proper evaluation of pertinent operational risks

What is one purpose of the National Institute of Standards and Technology (NIST)?

To promote American innovation and industrial competitiveness

Which standard principle supports value creation and protection under the International Organization for Standardization 31000 (ISO 31000) guidelines?

Continual improvement

A multinational bank that operates in various countries is subject to strict local regulations in each country. These regulations usually have a compliance focus. The bank management is interested in adopting an ERM framework alongside regulatory compliance. What is one reason for the bank to adopt an ERM framework?

To broaden the risk management scope beyond the mandatory compliance

What is a critical dimension of strategy according to the COSO ERM framework?

The possibility of strategy being inconsistent with the organization's mission, vision, and core values

A software company is launching a new platform, prompting a revision of the information and communication strategies to better support risk management and informed decision-making as it scales. What should the company do to stay aligned with the principles of the information, communication, and reporting component of the COSO ERM framework?

Utilize advanced information systems to aggregate, process, and disseminate relevant risk data across the organization

What does the communication and consultation activity in the ISO process entail?

Promoting awareness and understanding of risk to engage stakeholders

Given the importance of ERM frameworks in achieving organizational objectives, a company's management is planning to adopt either the COSO or the ISO 31000 framework. What must be ensured for the successful adoption of one of these frameworks?

The company must have a fundamentally sound strategy.

A large tech company has been trying to implement an ERM framework to navigate the complexities of rapid innovation and market shifts. However, the leadership team recognizes that the existing corporate culture—characterized by departmental silos—must be addressed, or else it will hinder the effective adoption of ERM. What should the leadership do to facilitate the successful implementation of ERM?

Launch company-wide training emphasizing collaboration across functional teams

As a cost reduction measure, a company's management wants to outsource noncore functions to third-party providers. This will also allow the company to free up resources. To leverage the ERM process in making this decision, the management has asked the ERM team to create a decision document. Which question should be addressed in this document?

"What are the key concerns that must be addressed to ensure performance?"