1. Home
  2. CIMA
  3. CIMA Strategic
  4. P3
  5. Risk Management Questions and Answers

Pass the CIMA CIMA Strategic P3 Questions and answers with CertsForce

 CIMA Exams      Go to Exam Detail      Get Premium Access
Viewing page 3 out of 11 pages
Viewing questions 21-30 out of questions
Questions # 21:

When a new computer system is being implemented there are several possible methods for managing the changeover from the old system to the new system.

Which THREE of the following are true?

Options:
A.

Phased changeover is the safest and slowest method of changeover.

B.

Phased changeover moves individual portions of the business to the new system one at a time.

C.

Pilot changeover moves the simplest part of the business to the new system first.

D.

Parallel running involves keeping the old system running, normally until certain data retention criteria are met or confidence is gained, while the new system deals with the new workload. Data input is usually carried out on both systems.

E.

Direct changeover, or Big Bang is only used when the systems are significantly different such that comparing the outputs of the two systems is largely irrelevant.

F.

All methods of changeover carry high risk and it is the preparation, consideration of data compatibility and data cleansing before the changeover which has the biggest impact on the smoothness of the transition.

Expert Solution
Questions # 22:

P Ltd, a manufacturing company, is considering a new capital investment project to set up a new production line. The initial appraisal shows a healthy net present value of $6,465 million at a discount rate of 10% as shown in the table below:

However, management is unsure about the demand for the product which will be produced and has insisted that the future revenues should be reduced to certainity equivalents by taking 70%, 65% and 60% of the years 1,2, and 3 cash inflows respectively.

What should P do?

Options:
A.

Proceed with the project, it has a healthy net present value.

B.

Stop the project, it has considerable risk.

C.

Put pressure on sales and marketing to re-verify their forecasts.

D.

Re-appraise the project using other capital appraisal techniques to get a more balanced view.

Expert Solution
Questions # 23:

HJK is a publishing company that employs several hundred staff A member of the company's IT Security Department contacted 30 members of HJK's staff selected at random, and told each one that his or her computer appeared to be infected with a virus The staff members were asked to provide their login details and corporate passwords so that IT Security could remove the virus remotely A total of six members of staff provided this information.

Which TWO of the following statements are correct?

Options:
A.

HJK's entire staff should be informed of the investigation and of the disappointing fact that six members of staff handed over their logins and passwords

B.

The investigation should be repeated in the future on a different sample of staff, using other reasons for asking for logins and passwords

C.

HJK's response should be limited to briefing the six staff members on their error and ensuring that they change their passwords.

D.

It was acceptable for the staff to surrender their details because the request had actually been made by members of HJK's IT Security Department.

E.

It was unethical for HJK's IT Security Department to contact staff in this manner, lying about the suspected presence of a virus in order to provoke a response.

Expert Solution
Questions # 24:

YGH has recently completed a post completion audit on a five year contract that has only recently come to a conclusion. The main finding was that the project delivered most of the expected benefits, but that it cost significantly more to implement than had been anticipated at the project appraisal stage. YGH would not have proceeded if the true cost had been known at that stage.

The project was the responsibility of the production department, which is presently managed by G.

When the project was proposed, the production department was managed by H. H is now YGH's Director of Operations.

How should the finding from this post completion audit be interpreted?

Options:
A.

YGH should consider introducing more detailed checking of the assumptions underlying the costs of future projects.

B.

The production department should not be granted funding for future projects unless there are compelling reasons to proceed.

C.

G should be held accountable for the overspend on the project.

D.

H should be held accountable for the overspend on the project.

Expert Solution
Questions # 25:

SC is a professional football club which is currently listed on a recognised stock exchange. There is a proposal that it builds a new stadium at a location a considerable distance from its current stadium.

There is strong support within the club for the move as the current ground is now over 40 years old and has not been extensively modernised in that time.

However, there is a lot of opposition to the move in the area where it is proposed to locate the new stadium. Objectors claim that the new stadium will increase traffic and pollution in the area and will adversely affect the value of their properties.

Which of the following statements about the responsibility of the board of SC is correct?

Options:
A.

SC is now a listed company and so the board should prioritise the interests of shareholders to the exclusion of other stakeholders.

B.

A football club needs to be part of the community in which it exists and so the board should consider the other stakeholders.

C.

The board should conclude that objectors to the new stadium have a legal course of action open to them and if they do not take legal action they should ignore them.

D.

If the board of directors is seen as acknowledging its responsibility to stakeholders other than shareholders this will enhance the reputation of the club and it will be more likely that a compromise can be reached with objectors.

E.

The board should share information about the new development with the local community only to the extent that it is legally obliged to do so.

Expert Solution
Questions # 26:

A junior sales clerk at BCD, a wholesale jewellers, received an email which appeared to be from a well known parcel delivery company informing her that a delivery had been attempted outside office hours and had consequently failed She was asked to click on a link and complete some seemingly innocent but logical questions to effect the delivery on the next day She thought no more about it but was very surprised the next month to be awarded salesperson of the month as her sales had doubled

Unfortunately, on investigation it was found that this was as a result of several fraudulent orders for high-value items that had seemingly been placed by an existing customer but delivered to a new address, which turned out to be a temporary box number The existing customer's credit card had been fraudulently charged for these orders

Which of the following types of cyber-attack had the sales clerk been a victim of?

Options:
A.

Botnets

B.

Malvertising

C.

Trojan

D.

Ransomware

Expert Solution
Questions # 27:

Under the COSO Enterprise Risk Management Framework, who is responsible for risk management?

Options:
A.

Every member of the entity.

B.

The board of directors only.

C.

Managers and directors only.

D.

The shareholders.

Expert Solution
Questions # 28:

BCD has set up a number of functions within its security operations centre (SOC) One of these is a Hunt team. Which of the following is the primary function of a Hunt team?

Options:
A.

To look for weaknesses in other peoples' systems

B.

To look for solutions in response to threats.

C.

To look for signs that BCD's system has been breached

D.

To look for weaknesses in BCD's cyber security system.

Expert Solution
Questions # 29:

GHJ is a manufacturing company that insures against the financial costs associated with industrial injuries involving staff. The Health and Safety Office is part of GHJ's Operations Department. GHJ's insurers will automatically increase the insurance premium by 10% in the event of a claim against the policy.

Which TWO of the following are correct?

Options:
A.

The risk of an increase in the cost of injury insurance cover should be made the responsibility of the company's finance function

B.

The automatic increase in the insurance premium is part of the financial risk associated with industrial injuries.

C.

Linking the risks associated with industrial injuries will overcomplicate the management of those risks.

D.

The risk that a serious accident could impair the morale of uninjured staff is related to the financial risk associated with accidents.

E.

The insurance cover means that management need only be concerned with the possibility of a 10% increase in the premium m the event of a serious accident.

Expert Solution
Questions # 30:

You have been assigned the role of lead internal auditor. Your task is to carry out the annual assessment of the production line maintenance department.

When planning for this audit, which of the following must be completed?

Options:
A.

Prepare the report.

B.

Establish whether the controls are adequate or not.

C.

Decide how the controls will be tested.

D.

Learn all about the systems and controls in the department.

E.

Carefully consider any control weaknesses that are reported.

F.

Review previous audit findings for the department.

Expert Solution
Viewing page 3 out of 11 pages
Viewing questions 21-30 out of questions