FRM·P1 · FRM Part I·UnitP1 · Unit 01Access: Free tier
Foundations of Risk Management
Prepare for Foundations of Risk Management with FRM practice questions covering 10 topics. Part of FRM Part I — build your knowledge and track your progress with Pass FRM.
What’s in it.
10 topics- Topic 01
Risk Management Process
88 questions - Topic 02
Corporate Governance and Risk Culture
79 questions - Topic 03
Credit Risk Overview
62 questions - Topic 04
Market Risk Overview
62 questions - Topic 05
Operational Risk Overview
57 questions - Topic 06
Integrated Risk Management
50 questions - Topic 07
Financial Disasters and Case Studies
49 questions - Topic 08
GARP Code of Conduct
93 questions - Topic 09
Risk-Adjusted Performance Measurement
90 questions - Topic 10
Hedging and Risk Transfer
87 questions
Sample questions
3 of manyA few questions from this unit, with the answer and a full explanation. The complete bank is available when you start practising.
Which regulatory reform was most directly triggered by the Enron and WorldCom accounting scandals of 2001–2002?
- The SEC's Regulation FD (2000), which required simultaneous public disclosure of material information
- The Sarbanes-Oxley Act (SOX) of 2002, which introduced requirements for CEO/CFO certification of financial statements, management assessment of internal controls (Section 404), and auditor independence provisionsCorrect answer
- Basel II (2006), which introduced the Advanced Measurement Approach for operational risk capital
- IFRS 9 (2018), which changed the accounting for loan loss provisions to an expected loss model
ExplanationThe Sarbanes-Oxley Act (2002) was the direct legislative response to the Enron (2001) and WorldCom (2002) accounting scandals. Its key provisions targeted the specific failures identified: Section 302 required CEOs and CFOs to personally certify financial statement accuracy (addressing Enron CEO Skilling's 'I didn't know' defence); Section 404 required management to assess and attest to internal controls over financial reporting (addressing the failure of internal and external oversight); auditor independence provisions (addressing Arthur Andersen's conflict of interest). SOX represents the most direct governance reform response to corporate accounting failures.
What is the key limitation of the Sharpe ratio with respect to return distributions?
- The Sharpe ratio is limited because it uses historical standard deviation rather than implied volatility, causing it to systematically understate risk for option-heavy portfolios
- The Sharpe ratio is limited to portfolios managed against a specific benchmark and cannot be used for unconstrained or absolute-return portfolios
- The Sharpe ratio is limited because it uses the risk-free rate rather than the market return as the benchmark, making it inapplicable to portfolios with systematic market exposure
- The Sharpe ratio assumes returns are normally distributed; it penalises upside and downside volatility equally and underestimates tail risk for strategies with skewed or fat-tailed return distributionsCorrect answer
ExplanationThe Sharpe ratio's most significant technical limitation is its assumption of normally distributed returns. Standard deviation treats upside volatility the same as downside volatility, which is inappropriate for asymmetric strategies. More critically, strategies that write options or engage in carry trades can appear to have very high Sharpe ratios in normal markets while accumulating large tail risks that only crystallise in rare events — the 'short volatility' problem. The Sortino ratio (downside deviation) and VaR-based measures partially address this limitation.
What are the three lines of defence in the 3LoD risk governance model?
- First line: business units (risk owners); Second line: risk management function and compliance; Third line: internal auditCorrect answer
- First line: compliance; Second line: internal audit; Third line: regulatory supervision
- First line: board of directors; Second line: CRO; Third line: business unit risk managers
- First line: internal audit; Second line: business units; Third line: risk management function
ExplanationThe Three Lines of Defence (3LoD) model separates risk management responsibilities: (1) First line — business units that take risk day-to-day own and manage their risks; they implement controls and monitor their own limits. (2) Second line — risk management function and compliance provide independent oversight, set frameworks, challenge the first line, and report firm-wide risk to management and the board. (3) Third line — internal audit provides independent assurance to the board that the first and second lines are functioning effectively.