Risk Refresher Training 2014

15 Questions | By Catherinehalcomb | Last updated: Aug 17, 2015 | Total Attempts: 1949

Questions

Settings

E-Quiz

Questions and Answers

1.

Which of the following is a key benefit of Operational Risk Management?
- A.
  
  Improved and more efficient business processes
- B.
  
  Enhanced quality service to our customers
- C.
  
  Reduced losses and cost of rework due to errors
- D.
  
  All of the above
2.

The risk management philosophy and objectives…
- A.
  
  Seeks to eliminate and avoid all risks within the business
- B.
  
  Seeks to mitigate all potential risks within the business through effective procedures and controls
- C.
  
  Do not seek to eliminate risk, but rather to understand and profitably manage risks to optimize
- D.
  
  None of the above
3.

Which of the following tools and methodologies are NOT included in the ORM programme?
- A.
  
  Risk and Control Self-Assessment
- B.
  
  Authorisation Matrix
- C.
  
  Key Risk Indicators
- D.
  
  Incident Management
4.

What role you play in the ORM process?
- A.
  
  Maintain a level of risk awareness during your day-to-day activities.
- B.
  
  My position has nothing to do with risk management.
- C.
  
  Identify and report risks and control weakness.
- D.
  
  A and C only.
5.

The “first line of defence” consists of all risk owners across the business unit including the Management Committee. All risk owners have direct responsibility and are held accountable for the management and control of operational risks.
- A.
  
  True
- B.
  
  False
6.

Which of the following is correct?
- A.
  
  Only the Senior Management is responsible for identifying fraud in our business.
- B.
  
  Only regulators are responsible for identifying fraud in our business.
- C.
  
  All Staff members are responsible for identifying fraud in our business.
- D.
  
  Only Local Anti-fraud Officer is responsible for identifying fraud in our business.
7.

Which of the following is correct for handling the request for investigation assistance from law enforcement agencies?
- A.
  
  Provide the requested materials to the agencies without delay as they are acting in good faith.
- B.
  
  Provide the requested assistance to the agencies only when you have sought approval from your superior.
- C.
  
  Refer the request to the Corporate Security & Investigations (CSI) for handling.
- D.
  
  Refer the request to the Legal Department immediately for handling.
8.

Which of the following is correct regarding fraud case reporting?
- A.
  
  You should attempt to collect the evidence before you report the fraud case to the Anti-Fraud Officer
- B.
  
  It is a must for you to notify your manager after you have reported a case to the Anti-Fraud officer
- C.
  
  All staff should disclose their identities to Anti-Fraud Officer during fraud reporting
- D.
  
  You should not share your reported details to any irrelevant party as this may jeopardize the investigation
9.

Which of the following is correct regarding travel risk?
- A.
  
  It is acceptable for travelers to put safety in low priority as long as you are not traveling in a high risk country
- B.
  
  Travelers are only required to take measures to minimize exposure to risks when they are traveling in high risk country
- C.
  
  Vice Presidents shall avoid be booked together on the same flight for security reason
- D.
  
  The total number of management team members on the same flight shall not exceed 30% of the total of the management team
10.

Which of the following regarding event security is/are correct?
- A.
  
  Event security is a consideration only if investors and guests would attend
- B.
  
  Risk assessment should be conducted and completed before an event
- C.
  
  Event security should be supervised by the event co-ordinator and CSI security officer at all time
- D.
  
  B & C only
11.

Which of the following is NOT appropriate to reduce the chance of data leakage?
- A.
  
  Never send customer information to non-business related partners and your own email account
- B.
  
  Work at home with VPN access
- C.
  
  Upload company information to any websites with management approval
- D.
  
  Dump screen with customer information without masking data for training material or operational procedure purpose
12.

What is/are the key concern(s) of Information Technology Risk?
- A.
  
  Protection of Confidentiality
- B.
  
  Assurance of Integrity
- C.
  
  Provision of Availability
- D.
  
  All of the above
13.

What is the definition of C3 – Confidential information?
- A.
  
  Information can be made freely available to the public
- B.
  
  Information may be made freely available within the company but is NOT for general public
- C.
  
  Information requires special protection
- D.
  
  Information requires a very high level protection
14.

When you change a new password, which of the following approaches is/are appropriated?
- A.
  
  Consist of a minimum of eight characters
- B.
  
  Not be common or personal information
- C.
  
  Include a mixture of upper and lower case and numeric or special characters
- D.
  
  All of the above
15.

You should report all incidents to the Risk Management and Compliance within ______.
- A.
  
  24 hours
- B.
  
  36 hours
- C.
  
  48 hours
- D.
  
  72 hours
16.

If you find one of the customer hits the Sanction List during customer screening, you should immediately report the case to:
- A.
  
  The Human Resources Department
- B.
  
  Your manager and the Money Laundering Reporting Officer (MLRO)
- C.
  
  The Customer Service Department
- D.
  
  The relevant customer
17.

How long the customer records should be kept to comply with the Anti-Money Laundering (AML) & Counter-Terrorist Financing (CTF) Policy?
- A.
  
  6 months
- B.
  
  6 years
- C.
  
  7 years
- D.
  
  10 years
18.

Which of the following statement about Conflicts of Interest is correct?
- A.
  
  To avoid conflict of interest, the Company’s interest is always given priority
- B.
  
  Approval is not needed for an employee to take up part-time job without paid
- C.
  
  My personal finance is not related to the Conflict of Interest at work
- D.
  
  None of the above
19.

Which of the following Advantage can be offered by an employee?
- A.
  
  A bottle of wine which costs HK$2,500
- B.
  
  A pen with the Company logo in a road show
- C.
  
  A gift which costs HK$300 to a public official
- D.
  
  A department store coupon which costs HK$200
20.

Employees possessing Insider Information are prohibited from:
- A.
  
  Advising their spouses/ friends to carry out securities transactions based on such information.
- B.
  
  Carrying out advance securities transactions in response to, or in advance of, large securities orders by customers or by the Company.
- C.
  
  Carrying out personal investment in restricted securities without obtaining pre-approval from the Head of Compliance, if you are a permanent insider.
- D.
  
  All of the above.
21.

Which of the following is not an advantage of reporting issues/incidents through Whistleblowing channel?
- A.
  
  Anonymous
- B.
  
  Confidential
- C.
  
  Secure
- D.
  
  Fast
22.

Who are not the reporting officers for Whistleblowing?
- A.
  
  Head of Compliance
- B.
  
  Head of Internal Audit
- C.
  
  Chief Risk Officer
- D.
  
  Your direct line manager