Free GARP FRM-Part-2 Exam Questions

The CRO at a bank wants to strengthen the bank’s capability to defend itself against emerging cyber-threats. To help achieve this goal, the CRO is assessing the current range of practices regarding the sharing of cybersecurity information between different types of institutions, as well as the potential benefits from sharing information. Which of the following statements would be most appropriate for the CRO to make?

Unconditional testing does not reflect the:

Within the context of the three lines of defense model, risk champions (or risk specialists) are most likely to be included in which lines?

Bank, Inc., (Bank) operates in the United States and has a service contract in place with Service Co. (Service), which operates in France. Service manages a significant amount of confidential customer data for Bank, and recently a computer glitch at Service resulted in the accidental public disclosure of confidential customer data. As a result of the data breach, which of the following risks is Bank least likely to face?

The board of directors of a fast-growing US-based bank is discussing a report offindings and recommendations issued after a recent regulatory review of the bank’srisk management framework. A board member notes that the regulators haveidentified deficiencies in the bank’s model validation process, and recommends thatthe CRO develop a plan for improvement in this area. The CRO consults theFederal Reserve guidelines for examples of best practices, and identifies ways thatthe bank can improve its validation approaches to conform with the guidelines.Which of the following recommendations is appropriate for the CRO to make?