nayizhenfeng

3、UBS operational risk management framework:

incorporates the eight principles of the 2003 “Sound Practices” study.
has been implemented on a firm-wide basis.
was instituted in 1997.
is a well tested program successfully operating across all parts of the investment bank.
A) I, II, and III only.
 
B) I only.
 
C) I, II, III, and IV.
 
D) I and II only.

nayizhenfeng

The correct answer is C

All statements are correct.

nayizhenfeng

2、How many of the following statements are CORRECT? Missing elements from the integrated risk management plan which need to be incorporated include:

evaluation of firm-level controls.
evaluation of contingency plans.
capital requirements quantification.
risk control decisions.
A) None of these.
 
B) Two of these.
 
C) Three of these.
 
D) All of these.

nayizhenfeng

The correct answer is D

An integrated plan offers an effective device for risk management; nevertheless, there are still various elements (including all of the above) of both SOX 404 and Basel II that are missing and need to be incorporated.

nayizhenfeng

AIM 6: Analyze, in light of the requirements in Sarbanes-Oxley Act section 404 and the Basel II Accord, the operational risk framework implemented by UBS.

 

1、Operational risk framework implemented by UBS, in light of the requirements in Sarbanes-Oxley Act section 404 and the Basel II Accord, requires that a functional area:

state its tasks and responsibilities clearly.
provide a plan with respect to identification and management of op risk events.
identify key early warning indicators of an increased risk.
offer additional information of the control plan for specific op risk events.
A) I, II, and III only.
 
B) II and III only.
 
C) I and II only.
 
D) I, II, III, and IV.
 

nayizhenfeng

The correct answer is D

All the statements are key ingredients of the UBS integrated operational risk framework, which combines the requirements in both Sarbanes-Oxley Act section 404 and the Basel II Accord.

nayizhenfeng

3、How many of the following statements regarding SOX and Basel are correct?

An op risk management plan must collect and analyze internal, as well as external, data to identify the occurrence of op risk events and potential loss.
An op risk management plan must be reviewed, updated, validated, and improved, enhancing its strengths and minimizing its weaknesses.
One of the compliance implications of the Sarbanes-Oxley Act section 404 requires the management to disclose any fraud, material or non-material, committed by all those involved in establishing internal control processes over financial reporting.
One of the compliance implications of the Sarbanes-Oxley Act section 404 requires the management to disclose internal control shortcomings, weaknesses, and deficiencies to the external auditor’s audit committee and the general public through annual financial reports.
A) None of these.
 
B) One of these.
 
C) Two of these.
 
D) All of these.

nayizhenfeng

The correct answer is D

All the statements are correct.

nayizhenfeng

AIM 4: List, identify, and summarize the implications Sarbanes-Oxley Act section 404 has on compliance framework.

 

1、Examples of material distortions in financial reporting, classified as op risk events or internal control events, arising as a consequence of control failures include:

forgery.
data entry errors.
hardware system failure.
software system failure.
A) II, III, and IV only.
 
B) I, II, III, and IV.
 
C) I, II, and III only.
 
D) I and II only.

nayizhenfeng

The correct answer is B

Control failures can easily produce material distortions in financial reporting. All of the above are examples of material distortions. Whether we classify these distortions as op risk events or internal control events makes no difference because the end result is the same, financial misreporting.