GRCP Practice Questions
A common mistake in setting up notification pathways is - ANS-Not capturing all notifications made via informal methods or unstructured channels.
A threat is - ANS-an event or condition that has, on balance, an undesirable effect on achieving objectives
An integrated approach to GRC involves - ANS-applying a common vocabulary, approach and technology infrastructure to GRC processes.
Principled Performance represents achievement of - ANS-the most critical objectives that an organization chooses to pursue whilst employing an effective, efficient and responsive approach to governance, risk management and compliance that supports those objectives
What are proactive actions and controls? - ANS-Specified process steps or actions that will reduce the likelihood and impact of undesirable events, activities or behavior
What is a GRC curriculum plan? - ANS-A plan setting out the order and timing of all courses for a particular role or family of roles, which may include a description of each course, its objectives, and method/mode of delivery
When establishing procedures for investigating complaints or reports about compliance or ethical issues, an organization must: - ANS-Define categories of issues that are significant enough to be escalated to senior management and/or outside counsel immediately upon validation
Which is the best description of a Risk Management Action Plan? - ANS-A document that sets out the strategy, structures, processes, activities and resources to appropriately manage the organization's risks to reduce or avoid adverse effects and grasp opportunities
Which of the following is a potential source of failure when establishing an approach to integrate and align the GRC capability with the business? - ANS-viewing establishment or alteration of the GRC capability as a change activity that requires special management rather than it being just a part of ongoing business
Which of the following is NOT true? - ANS-An organization always should have only one code of conduct that applies to everyone throughout the organization
Which of the following statements is NOT correct? - ANS-Assurance should be performed by individuals who have the deepest understanding of the actions and controls.
Which of the following would NOT be appropriate when monitoring external context? - ANS-having only one source of information about each item being monitored