
Explanation:
Process mapping is not a top-down risk identification tool. Instead, it is a bottom-up risk identification technique. This method involves outlining the steps of a process in a detailed manner, considering the risks associated with each specific set of actions, and asking what could potentially go wrong at each stage. The focus here is on individual tasks or processes, and the risks are identified at this granular level. These identified risks are then aggregated to form the overall risk profile. This approach is in contrast to the top-down approach, where the focus is on the overall risk profile, and then specific risks are identified by drilling down into this profile.
Choice A is incorrect. Exposures and vulnerabilities are indeed a part of top-down risk identification tools. They involve identifying the overall risk profile by examining the potential exposures and vulnerabilities that an organization might face.
Choice B is incorrect. The Risk wheel is also a top-down approach to risk identification. It starts with the overall risk profile, then drills down into specific risks by considering various factors such as external environment, internal environment, strategy and operations.
Choice D is incorrect. Horizon scanning falls under the category of top-down risk identification tools as well. It involves looking at the broader picture or horizon to identify potential risks that could impact an organization's overall risk profile.
Things to Remember
Ultimate access to all questions.
No comments yet.