Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. GAQM
  5. ISO-31000-CLA

GAQM ISO-31000-CLA Exam Questions
ISO 31000 - Certified Lead Risk Manager (Page 3 )

Updated On: 26-Apr-2026
Page 3 of 21
PDF with 100 Questions

Relying on historic analysis when assessing potential risks and possible impacts implies that

  1. should adverse events occur, the impact can be accurately modelled.
  2. all significant risks can be confidently analysed.
  3. management believe that the future will behave much like the past.

Answer(s): C

Explanation:

According to 1, page 19, historic analysis is "a method of risk identification based on past data". It assumes that past patterns and trends will continue in the future, which may not always be true.



Using the FIRM scorecard which of the following risks could a risk manager quantify?

1. Loss of income.

2. Financial gain.

3. Reputational damage.

  1. 1 and 2.
  2. 1 and 3.
  3. 2 and 3.

Answer(s): A

Explanation:

According to 2, FIRM scorecard is "a tool for measuring risk performance". It uses four dimensions:
financial impact, internal processes, reputation and market position (FIRM). Loss of income and financial gain are examples of financial impact risks that can be quantified using monetary values or ratios. Reputational damage is an example of reputation risk that is more difficult to quantify using objective measures.



Which of the following statements about captive insurance companies are correct?

1. A captive cannot act as a reinsurer.

2. A captive can access reinsurance markets.

3. A captive can sometimes offer greater cover than is available in the insurance market.

4. A captive must be located in the same country as its parent company.

  1. 1 and 4.
  2. 1 and 2.
  3. 2 and 3.

Answer(s): C

Explanation:

According to 3, a captive insurance company is "a wholly owned subsidiary insurer that provides risk mitigation services for its parent company or related entities". It can act as a reinsurer by accepting risks from other insurers or captives 1. It can also access reinsurance markets to transfer some of its own risks 1. It can sometimes offer greater cover than is available in the insurance market by tailoring its policies to suit its parent's needs 3. It does not have to be located in the same country as its parent company; in fact, many captives are domiciled offshore for tax or regulatory reasons 4.



New definition of risk under ISO 31000 and 31010 is:

  1. Danger that injury, damage, or loss will occur
  2. Possibility of investment loss
  3. Probability of loss to an insurer
  4. Probability of an event that will have an impact on objectives

Answer(s): D

Explanation:

According to ISO/IEC Guide73 (2009), clause 1., risk is defined as "the effect of uncertainty on objectives". This definition applies to both ISO/IEC Guide73 (2009) and ISO31000 (2018), which are standards for risk management terminology and principles respectively.



Causes of risk include all the following except:

  1. Health, safety and environment
  2. Finance
  3. Insurance
  4. Chemical breakdown

Answer(s): C

Explanation:

According to ISO/IEC Guide73 (2009), clause B., causes are "elements which alone or in combination have potential to give rise to risk". Health, safety, environment, finance and chemical breakdown are examples of causes that can create risks for an organization or an individual 1. Insurance is not a cause but a method of transferring or mitigating some types of risks 1.



Viewing page 3 of 21
Viewing questions 11 - 15 out of 100 questions
Share your experience with other


AI Tutor AI Tutor 👋 I’m here to help!