Risk Refresher Training 2014

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Catherine Halcomb
Catherine Halcomb
Community Contributor
Quizzes Created: 1443 | Total Attempts: 6,686,485
| Attempts: 1,973
Quiz Flashcard
SettingsSettings
Please wait...
  • 1/22 Questions

    If you find one of the customer hits the Sanction List during customer screening, you should immediately report the case to: 

    • The Human Resources Department
    • Your manager and the Money Laundering Reporting Officer (MLRO)
    • The Customer Service Department
    • The relevant customer
Please wait...
About This Quiz

E-Quiz

Training Quizzes & Trivia

Quiz Preview

  • 2. 

    Which of the following is correct?

    • Only the Senior Management is responsible for identifying fraud in our business.

    • Only regulators are responsible for identifying fraud in our business.

    • All Staff members are responsible for identifying fraud in our business.

    • Only Local Anti-fraud Officer is responsible for identifying fraud in our business.

    Correct Answer
    A. All Staff members are responsible for identifying fraud in our business.
    Explanation
    All staff members are responsible for identifying fraud in our business because fraud can occur at any level and it is important for everyone to be vigilant and report any suspicious activities. It is not solely the responsibility of senior management or regulators, but rather a collective effort to ensure the integrity and security of the business. The involvement of all staff members increases the chances of detecting and preventing fraud effectively.

    Rate this question:

  • 3. 

    What is/are the key concern(s) of Information Technology Risk?

    • Protection of Confidentiality

    • Assurance of Integrity

    • Provision of Availability

    • All of the above

    Correct Answer
    A. All of the above
    Explanation
    The key concerns of Information Technology Risk include the protection of confidentiality, assurance of integrity, and provision of availability. Confidentiality refers to the protection of sensitive information from unauthorized access. Integrity involves ensuring the accuracy, completeness, and reliability of data and information. Availability ensures that IT systems and services are accessible and usable when needed. All of these concerns are important in managing IT risks effectively.

    Rate this question:

  • 4. 

    When you change a new password, which of the following approaches is/are appropriated?

    • Consist of a minimum of eight characters

    • Not be common or personal information

    • Include a mixture of upper and lower case and numeric or special characters

    • All of the above

    Correct Answer
    A. All of the above
    Explanation
    The appropriate approach when changing a new password is to follow all of the mentioned guidelines. The password should consist of a minimum of eight characters, should not be common or personal information, and should include a mixture of upper and lower case letters, numeric, or special characters. Following all of these guidelines helps to create a strong and secure password.

    Rate this question:

  • 5. 

    Employees possessing Insider Information are prohibited from:

    • Advising their spouses/ friends to carry out securities transactions based on such information.

    • Carrying out advance securities transactions in response to, or in advance of, large securities orders by customers or by the Company.

    • Carrying out personal investment in restricted securities without obtaining pre-approval from the Head of Compliance, if you are a permanent insider.

    • All of the above.

    Correct Answer
    A. All of the above.
    Explanation
    Employees possessing Insider Information are prohibited from advising their spouses/friends to carry out securities transactions based on such information, carrying out advance securities transactions in response to, or in advance of, large securities orders by customers or by the Company, and carrying out personal investment in restricted securities without obtaining pre-approval from the Head of Compliance, if they are a permanent insider.

    Rate this question:

  • 6. 

    The “first line of defence” consists of all risk owners across the business unit including the Management Committee. All risk owners have direct responsibility and are held accountable for the management and control of operational risks.

    • True

    • False

    Correct Answer
    A. True
    Explanation
    The first line of defense refers to all risk owners in a business unit, including the Management Committee. These risk owners are directly responsible for managing and controlling operational risks. This means that they have the primary responsibility for identifying, assessing, and mitigating risks within their respective areas of responsibility. They are held accountable for ensuring that proper risk management practices are in place and that risks are effectively managed to protect the organization. Therefore, the statement that the first line of defense consists of all risk owners across the business unit, including the Management Committee, and that they have direct responsibility and are held accountable for operational risk management is true.

    Rate this question:

  • 7. 

    How long the customer records should be kept to comply with the Anti-Money Laundering (AML) & Counter-Terrorist Financing (CTF) Policy?

    • 6 months

    • 6 years

    • 7 years

    • 10 years

    Correct Answer
    A. 7 years
    Explanation
    The customer records should be kept for 7 years to comply with the Anti-Money Laundering (AML) & Counter-Terrorist Financing (CTF) Policy. This duration ensures that the records are available for a sufficient period of time to monitor and investigate any suspicious activities related to money laundering or terrorist financing. It also allows regulatory authorities to access the information if required for audits or legal purposes.

    Rate this question:

  • 8. 

    Which of the following Advantage can be offered by an employee?

    • A bottle of wine which costs HK$2,500

    • A pen with the Company logo in a road show

    • A gift which costs HK$300 to a public official

    • A department store coupon which costs HK$200

    Correct Answer
    A. A pen with the Company logo in a road show
    Explanation
    An employee can offer the advantage of promoting the company and its brand by distributing a pen with the company logo in a road show. This promotional item can help increase brand visibility and create a positive impression among potential customers. The other options mentioned, such as a bottle of wine, a gift to a public official, and a department store coupon, may not directly contribute to promoting the company or its brand.

    Rate this question:

  • 9. 

    Which of the following regarding event security is/are correct?

    • Event security is a consideration only if investors and guests would attend

    • Risk assessment should be conducted and completed before an event

    • Event security should be supervised by the event co-ordinator and CSI security officer at all time

    • B & C only

    Correct Answer
    A. B & C only
    Explanation
    The correct answer is B & C only. This means that the following statements are correct: risk assessment should be conducted and completed before an event, and event security should be supervised by the event co-ordinator and CSI security officer at all times. The first statement acknowledges the importance of assessing and addressing potential risks before an event takes place. The second statement emphasizes the need for supervision by both the event co-ordinator and the CSI security officer to ensure effective event security.

    Rate this question:

  • 10. 

    Which of the following is a key benefit of Operational Risk Management?

    • Improved and more efficient business processes

    • Enhanced quality service to our customers

    • Reduced losses and cost of rework due to errors

    • All of the above

    Correct Answer
    A. All of the above
    Explanation
    Operational Risk Management provides several key benefits. Firstly, it helps in improving and making business processes more efficient. This is achieved by identifying and mitigating potential risks that could hinder operations. Secondly, it enhances the quality of service provided to customers by minimizing operational disruptions and errors. Lastly, it helps in reducing losses and the cost of rework due to errors, which ultimately leads to cost savings. Therefore, all of the mentioned benefits are associated with Operational Risk Management.

    Rate this question:

  • 11. 

    What role you play in the ORM process?

    • Maintain a level of risk awareness during your day-to-day activities.

    • My position has nothing to do with risk management.

    • Identify and report risks and control weakness.

    • A and C only.

    Correct Answer
    A. A and C only.
    Explanation
    The correct answer is A and C only. In the ORM process, your role is to maintain a level of risk awareness during your day-to-day activities. This means being vigilant and identifying any potential risks or control weaknesses that may arise. You are also responsible for reporting these risks and weaknesses to ensure they are addressed and mitigated. The other options, B and D, are incorrect as they state that your position has nothing to do with risk management or that only one option is correct, which is not the case.

    Rate this question:

  • 12. 

    Which of the following is not an advantage of reporting issues/incidents through Whistleblowing channel?

    • Anonymous

    • Confidential

    • Secure

    • Fast

    Correct Answer
    A. Fast
    Explanation
    The correct answer is "Fast" because reporting issues/incidents through a whistleblowing channel may not necessarily result in a fast resolution. While anonymity, confidentiality, and security are all advantages of whistleblowing channels, the speed at which the issues are addressed and resolved may vary depending on the complexity of the situation and the resources available to investigate and take action on the reported incidents.

    Rate this question:

  • 13. 

    You should report all incidents to the Risk Management and Compliance within ______.

    • 24 hours

    • 36 hours

    • 48 hours

    • 72 hours

    Correct Answer
    A. 24 hours
    Explanation
    All incidents should be reported to the Risk Management and Compliance within 24 hours. This is important because reporting incidents promptly allows for swift action to be taken to mitigate any potential risks or damages. It also ensures that the appropriate authorities are notified in a timely manner, which is crucial for compliance purposes and maintaining the overall security and integrity of the organization.

    Rate this question:

  • 14. 

    Who are not the reporting officers for Whistleblowing?

    • Head of Compliance

    • Head of Internal Audit

    • Chief Risk Officer

    • Your direct line manager

    Correct Answer
    A. Your direct line manager
    Explanation
    Your direct line manager is not a reporting officer for whistleblowing because they are likely to be involved in the misconduct or unethical behavior being reported. It is important to have reporting officers who are independent and unbiased in order to ensure a fair and objective investigation of the whistleblowing allegations. The Head of Compliance, Head of Internal Audit, and Chief Risk Officer are all positions that are typically responsible for overseeing and addressing whistleblowing concerns.

    Rate this question:

  • 15. 

    Which of the following tools and methodologies are NOT included in the ORM programme?

    • Risk and Control Self-Assessment

    • Authorisation Matrix

    • Key Risk Indicators

    • Incident Management

    Correct Answer
    A. Authorisation Matrix
    Explanation
    The ORM programme includes tools and methodologies such as Risk and Control Self-Assessment, Key Risk Indicators, and Incident Management. However, the Authorisation Matrix is not included in the ORM programme.

    Rate this question:

  • 16. 

    Which of the following is NOT appropriate to reduce the chance of data leakage?

    • Never send customer information to non-business related partners and your own email account

    • Work at home with VPN access

    • Upload company information to any websites with management approval

    • Dump screen with customer information without masking data for training material or operational procedure purpose

    Correct Answer
    A. Dump screen with customer information without masking data for training material or operational procedure purpose
    Explanation
    Dumping a screen with customer information without masking data for training material or operational procedure purposes is not appropriate to reduce the chance of data leakage. This action exposes sensitive customer information to potential leaks and compromises data security. To reduce the chance of data leakage, it is important to never send customer information to non-business related partners and personal email accounts, work at home with VPN access, and upload company information to websites with management approval.

    Rate this question:

  • 17. 

    Which of the following is correct regarding fraud case reporting?

    • You should attempt to collect the evidence before you report the fraud case to the Anti-Fraud Officer

    • It is a must for you to notify your manager after you have reported a case to the Anti-Fraud officer

    • All staff should disclose their identities to Anti-Fraud Officer during fraud reporting

    • You should not share your reported details to any irrelevant party as this may jeopardize the investigation

    Correct Answer
    A. You should not share your reported details to any irrelevant party as this may jeopardize the investigation
    Explanation
    It is important not to share reported details with any irrelevant party as this could compromise the investigation.

    Rate this question:

  • 18. 

    Which of the following statement about Conflicts of Interest is correct?

    • To avoid conflict of interest, the Company’s interest is always given priority

    • Approval is not needed for an employee to take up part-time job without paid

    • My personal finance is not related to the Conflict of Interest at work

    • None of the above

    Correct Answer
    A. None of the above
    Explanation
    The correct answer is "None of the above" because the statement "To avoid conflict of interest, the Company’s interest is always given priority" is not always true. In some cases, the company's interest may be given priority, but there are also situations where conflicts of interest need to be managed and mitigated in a fair and balanced manner. The statement "Approval is not needed for an employee to take up part-time job without paid" is incorrect because most companies require employees to seek approval before taking up any part-time job, even if it is unpaid. The statement "My personal finance is not related to the Conflict of Interest at work" is also incorrect because personal financial interests can potentially create conflicts of interest in the workplace.

    Rate this question:

  • 19. 

    What is the definition of C3 – Confidential information?

    • Information can be made freely available to the public

    • Information may be made freely available within the company but is NOT for general public

    • Information requires special protection

    • Information requires a very high level protection

    Correct Answer
    A. Information requires special protection
    Explanation
    C3 - Confidential information refers to information that requires special protection. This means that the information is sensitive and should not be disclosed to unauthorized individuals or entities. It may contain sensitive data such as trade secrets, financial information, or personal information. The protection of C3 information is crucial to maintain the privacy, security, and integrity of the information and prevent any potential harm or misuse.

    Rate this question:

  • 20. 

    Which of the following is correct for handling the request for investigation assistance from law enforcement agencies?

    • Provide the requested materials to the agencies without delay as they are acting in good faith.

    • Provide the requested assistance to the agencies only when you have sought approval from your superior.

    • Refer the request to the Corporate Security & Investigations (CSI) for handling.

    • Refer the request to the Legal Department immediately for handling.

    Correct Answer
    A. Refer the request to the Corporate Security & Investigations (CSI) for handling.
  • 21. 

    Which of the following is correct regarding travel risk?

    • It is acceptable for travelers to put safety in low priority as long as you are not traveling in a high risk country

    • Travelers are only required to take measures to minimize exposure to risks when they are traveling in high risk country

    • Vice Presidents shall avoid be booked together on the same flight for security reason

    • The total number of management team members on the same flight shall not exceed 30% of the total of the management team

    Correct Answer
    A. Vice Presidents shall avoid be booked together on the same flight for security reason
  • 22. 

    The risk management philosophy and objectives…

    • Seeks to eliminate and avoid all risks within the business

    • Seeks to mitigate all potential risks within the business through effective procedures and controls

    • Do not seek to eliminate risk, but rather to understand and profitably manage risks to optimize

    • None of the above

    Correct Answer
    A. Do not seek to eliminate risk, but rather to understand and profitably manage risks to optimize
    Explanation
    The correct answer is "Do not seek to eliminate risk, but rather to understand and profitably manage risks to optimize." This means that the risk management philosophy and objectives do not aim to completely eliminate all risks within the business, but rather to gain a comprehensive understanding of the risks involved and effectively manage them in order to optimize profitability.

    Rate this question:

Quiz Review Timeline (Updated): Mar 21, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 21, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Nov 13, 2014
    Quiz Created by
    Catherine Halcomb
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.