Home / P1 · FRM Part I / Foundations of Risk Management

FRM·P1 · FRM Part I·UnitP1 · Unit 01Access: Free tier

Foundations of Risk Management

Prepare for Foundations of Risk Management with FRM practice questions covering 10 topics. Part of FRM Part I — build your knowledge and track your progress with Pass FRM.

Questions
717
Topics
10
Access
Free

What’s in it.

10 topics
  • Topic 01

    Risk Management Process

    88 questions
  • Topic 02

    Corporate Governance and Risk Culture

    79 questions
  • Topic 03

    Credit Risk Overview

    62 questions
  • Topic 04

    Market Risk Overview

    62 questions
  • Topic 05

    Operational Risk Overview

    57 questions
  • Topic 06

    Integrated Risk Management

    50 questions
  • Topic 07

    Financial Disasters and Case Studies

    49 questions
  • Topic 08

    GARP Code of Conduct

    93 questions
  • Topic 09

    Risk-Adjusted Performance Measurement

    90 questions
  • Topic 10

    Hedging and Risk Transfer

    87 questions

Sample questions

3 of many

A few questions from this unit, with the answer and a full explanation. The complete bank is available when you start practising.

  1. Which regulatory reform was most directly triggered by the Enron and WorldCom accounting scandals of 2001–2002?

    • The SEC's Regulation FD (2000), which required simultaneous public disclosure of material information
    • The Sarbanes-Oxley Act (SOX) of 2002, which introduced requirements for CEO/CFO certification of financial statements, management assessment of internal controls (Section 404), and auditor independence provisions
      Correct answer
    • Basel II (2006), which introduced the Advanced Measurement Approach for operational risk capital
    • IFRS 9 (2018), which changed the accounting for loan loss provisions to an expected loss model
    Explanation

    The Sarbanes-Oxley Act (2002) was the direct legislative response to the Enron (2001) and WorldCom (2002) accounting scandals. Its key provisions targeted the specific failures identified: Section 302 required CEOs and CFOs to personally certify financial statement accuracy (addressing Enron CEO Skilling's 'I didn't know' defence); Section 404 required management to assess and attest to internal controls over financial reporting (addressing the failure of internal and external oversight); auditor independence provisions (addressing Arthur Andersen's conflict of interest). SOX represents the most direct governance reform response to corporate accounting failures.

  2. What is the key limitation of the Sharpe ratio with respect to return distributions?

    • The Sharpe ratio is limited because it uses historical standard deviation rather than implied volatility, causing it to systematically understate risk for option-heavy portfolios
    • The Sharpe ratio is limited to portfolios managed against a specific benchmark and cannot be used for unconstrained or absolute-return portfolios
    • The Sharpe ratio is limited because it uses the risk-free rate rather than the market return as the benchmark, making it inapplicable to portfolios with systematic market exposure
    • The Sharpe ratio assumes returns are normally distributed; it penalises upside and downside volatility equally and underestimates tail risk for strategies with skewed or fat-tailed return distributions
      Correct answer
    Explanation

    The Sharpe ratio's most significant technical limitation is its assumption of normally distributed returns. Standard deviation treats upside volatility the same as downside volatility, which is inappropriate for asymmetric strategies. More critically, strategies that write options or engage in carry trades can appear to have very high Sharpe ratios in normal markets while accumulating large tail risks that only crystallise in rare events — the 'short volatility' problem. The Sortino ratio (downside deviation) and VaR-based measures partially address this limitation.

  3. What are the three lines of defence in the 3LoD risk governance model?

    • First line: business units (risk owners); Second line: risk management function and compliance; Third line: internal audit
      Correct answer
    • First line: compliance; Second line: internal audit; Third line: regulatory supervision
    • First line: board of directors; Second line: CRO; Third line: business unit risk managers
    • First line: internal audit; Second line: business units; Third line: risk management function
    Explanation

    The Three Lines of Defence (3LoD) model separates risk management responsibilities: (1) First line — business units that take risk day-to-day own and manage their risks; they implement controls and monitor their own limits. (2) Second line — risk management function and compliance provide independent oversight, set frameworks, challenge the first line, and report firm-wide risk to management and the board. (3) Third line — internal audit provides independent assurance to the board that the first and second lines are functioning effectively.