GRCP exam

What are norms?A . Norms are customs, rules, or expectations that a group socially reinforces.B . Norms are the typical ways that the business operates.C . Norms are the regular employees of an organization as opposed to contractors brought in for unusual (not normal) projects.D . Norms are the normal...

What is the term used to describe the level of risk in the absence of actions and controls?A . Uncontrolled RiskB . Inherent RiskC . VulnerabilityD . Residual RiskView AnswerAnswer: B Explanation: Inherent Risk refers to the level of risk present before any mitigation actions or controls are applied. Definition:...

Which Critical Discipline of the Protector Skillset includes skills to address obligations and shape an ethical culture? A. Compliance & Ethics B. Security & Continuity C. Governance & Oversight D. Audit & AssuranceView AnswerAnswer: A Explanation: The Compliance & Ethics discipline is centered on ensuring that the organization meets its...

In the IACM, what is the role of Compound/Accelerate Actions & Controls?A . To identify and address any potential conflicts of interest that may compound or accelerate enforcement actions against the company.B . To enhance the brand image and reputation of the organization.C . To accelerate and compound the impact...

What does it mean for an organization to "reliably achieve objectives" as part of Principled Performance?A . It means achieving short-term goals regardless of the impact on long-term success.B . It means having measurable outcomes.C . It means achieving mission, vision, and balanced objectives thoughtfully, consistently, dependably, and transparently.D ....

What are the four dimensions used to assess Total Performance in the GRC Capability Model?A . Quality, Productivity, Flexibility, and DurabilityB . Accuracy, Precision, Speed, and StabilityC . Effectiveness, Efficiency, Responsiveness, and ResilienceD . Compliance, Consistency, Adaptability, and RobustnessView AnswerAnswer: C Explanation: The four dimensions used to assess Total Performance...

In the IACM, what are the two types of Proactive Actions & Controls?A . Reactive Actions & Controls and Passive Actions & ControlsB . Prevent/Deter Actions & Controls and Promote/Enable Actions & ControlsC . Centralized Actions & Controls and Decentralized Actions & ControlsD . Quantitative Actions & Controls and Qualitative...

What is the difference between an organization that is being "Good" and being a "Principled Performer"?A . An organization must measure up to the Principled Performance definition to be a "Principled Performer," regardless of whether its objectives are subjectively perceived or preferred as "Good" or "Bad."B . A "Principled Performer"...

In the context of assurance activities, what does the term "assurance objectivity" refer to?A . To the degree to which an Assurance Provider can adhere to industry standards and best practices in performing audits.B . To the degree to which an Assurance Provider can provide accurate and reliable information to...

What is the term used to describe the measure of the negative effect of uncertainty on objectives?A . RiskB . HarmC . ObstacleD . ThreatView AnswerAnswer: A Explanation: Risk is defined as the effect of uncertainty on objectives, encompassing both positive opportunities and negative outcomes. Definition: In GRC and risk...