CIMA CIMAPRA19-P03-1 Exam Questions
P3 Risk Management (Online) (Page 2)

Updated On: 15-Feb-2026

The Committee of Sponsoring Organisations (COSO) outlined six key principles of Enterprise Risk Management (ERM).
Which of the following are COSO key principles?

  A. The creation of a risk aware culture.
  B. A comprehensive and holistic approach to risk management.
  C. Risk management is the responsibility of the risk committee.
  D. Consideration of risk management in the context of business strategy.
  E. Consideration of the main risk only, which is financial risk.

Answer(s): A,B,D



GHY is a listed company. Tom is GHY's CEO and Peter is its non-executive Chair of the Board. Tom and Peter both have substantial relevant business and industrial experience and both are believed to have considerable integrity. Tom and Peter quickly developed a good working relationship after Peter's appointment. They have become close friends.
Tom briefs Peter on every aspect of the business. Tom and Peter jointly agree the agenda for every board meeting and both agree on the manner in which matters will be presented to the board.
Taking account of the principles of good corporate governance, which of the following statements is correct?

  A. It is entirely appropriate that Tom and Peter have this kind of relationship and both are acting in the best interests of the company.
  B. Non-contentious board meetings show how well Tom and Peter are running the company and show that the management is cohesive.
  C. The relationship between Peter and Tom may have a detrimental effect on company decision making as the Board is not always being informed about matters in an unbiased manner.
  D. Since the non-executive chair clearly has a significant role within this company, there is little danger that any individual will become excessively dominant.

Answer(s): C



VBN is a multinational company that has 60 subsidiary companies that operate in 11 countries. VBN evaluates the performance of each subsidiary as an investment centre, using residual income to measure performance.
Which THREE of the following threats of dysfunctional behaviour may arise from VBN's use of residual income to measure subsidiaries' performance?

  A. Subsidiary boards may actively hedge translation risks.
  B. Subsidiary boards may take a short-term view to investment projects.
  C. Subsidiary boards may waste time by arguing over transfer prices.
  D. Subsidiary boards may waste time and incur unnecessary fees in order to recognise gains on the revaluation of property.
  E. Subsidiary boards may be motivated to spend heavily on capital expenditure in order to ensure that budget allocations are maintained and even increased.

Answer(s): A,B,C



DFG's call centre budgets four minutes for its operators to deal with a customer's enquiry and conclude the call. Team leaders are evaluated on the basis of the average call length. Simone is a team leader. Her team's average call length is five minutes and 30 seconds. Simone accepts full responsibility. She encourages her team members to check that the customer is satisfied before concluding the call.
On investigation, it was discovered that 2% of the customers who dealt with Simone's team had to call DFG again within seven days. Other teams had an average of 25% of customers call back within seven days because their first call had not fully resolved their problem.
Which of the following statements are true?

  A. The use of average call length may be leading to dysfunctional behaviour.
  B. Simone is in breach of call centre policy.
  C. It would be better to evaluate team leaders on the basis of multiple criteria.
  D. Team leaders should be responsible for setting policy on performance measurement within the call centre.
  E. Average call length should be replaced with the average rate of return calls as the primary performance measure for team leaders.

Answer(s): A,B,C



Passwords are frequently used to control access to computer systems.
Which of the following characteristics should a password have in order to make it effective?

  A. Passwords should be short words or names that users will easily remember.
  B. Passwords should contain 20 characters or more.
  C. Passwords should be changed on a regular basis.
  D. The strength of a password is increased by using upper and lower case and including numerals.
  E. Passwords should be written down in a secret place.
  F. Passwords should never be shared.

Answer(s): C,D,F





