CONFIDENTIAL 1 AC/MAY2022/MAF682

UNIVERSITI TEKNOLOGI MARA

MID TERM TEST

COURSE : RISK MANAGEMENT AND CONTROL

COURSE CODE : MAF682
EXAMINATION : MAY 2022
TIME : 1 HOUR 30 MINUTES

INSTRUCTIONS TO CANDIDATES

1. This question paper consists of TWO (2) sections

2. Section A: 30 Multiple choice questions

Section B: 2 Structured questions

3. Answer ALL questions in each section.

DO NOT TURN THIS PAGE UNTIL YOU ARE TOLD TO DO SO

This examination paper consists of 8 printed pages

1
CONFIDENTIAL 2 AC/MAY2022/MAF682

SECTION A

1. A business gathers its employees together so that they can review all the various sources of risk.
The next step is to arrange all the identified risks in order of priority. This can be done through
______________

A. Applying preventive mechanism

B. Mitigate the risk
C. Brainstorming session to rank the risk
D. Accept the risk in risk register

2. Risk can be defined as the combination of probability of an event occurring and the
consequences of the event that occur. Choose the best formula to represent risk in any
situation.
A. Risk = SWOT Analysis x Severity
B. Risk = Analyse x Severity
C. Risk = Likelihood x Severity
D. Risk = Security x Likelihood

3. Which ONE of the following statements is true?

A. Risk is only concerned about things going wrong
B. Risk only relates to new issues
C. Big enterprises are the only ones who need to manage risk
D. Risk can recognise positive events, including opportunities

4. Elements that make risk manageable compared to uncertainty

i. Measurable
ii. Chances of outcome is unknown
iii. Uncontrollable
iv. The impact can be minimised
v. Can be assigned to certain situation

A. i, ii, iii and iv

B. i, iii, iv and v
C. i, ii, iii and v
D. All the above

5. Example of high probability of occurrence

A. Car accident during festive season
B. Fire in water theme park
C. Run out of petrol supply in petrol station
D. Management fraud in a bank

6. Example of low severity

A. Loss due to power outage in a factory
B. Loss due to the theme park water sliding tube broke
C. Loss due to theft in a supermarket
2
CONFIDENTIAL 3 AC/MAY2022/MAF682

D. Loss due to robbery in a gold and jewellery store

7. The fo
A. Loss due to flood
B. Loss due to fraud
C. Possibility of failure of new product launching
D. Possibility of injuries in factory

8.
A. A dramatic fall in the value of shares across a stock market
B. Losing a patent held by a manufacturer
C. Loss of all data from malicious computer virus
D.

9. Which one of the following statements is FALSE on the importance of risk management?
A. Results in more opportunities being captured proactively and turned into positive benefits
for the project.
B. Failing to manage risk will result in more problems and a higher chance of project failures.
C. Minimises threats, maximises opportunities and optimises the achievement of project
objectives.
D. Reduce the number of threats that materialise into problems and minimise the effects of
those that do occur.

10. Due increase in internet security threats, manager of THD Bhd decides to invest in
cybersecurity insurance. Which of the following risk management strategies is the manager
adopting?
A. Risk acceptance
B. Risk avoidance
C. Risk transfer
D. Risk mitigation

11. False accounting or theft of cash or assets is one of the examples of which risk?
A. Economic Risk
B. Employee Malfeasance Risk
C. Business Risk
D. Fraud Risk

12. Delicious Bhd. is a company involving in manufacturing organic healthy food. In their new
product, Belly Fat Loss, the company used new ingredient call Super powder. Super Powder is
an extract of goji berries which plant has been genetically modified by the producer. The usage
of genetically modified ingredient in their product has received some complaint from the
customer. Which of the following risk is associated with Delicious Bhd.?
A. Economic risk
B. Business risk
C. Environmental risk
D. Reputation risk
3
CONFIDENTIAL 4 AC/MAY2022/MAF682

13. Which of the following is the example of systematic risk?

A. Maxim Bhd. actual earnings for the year is lower than expected earnings forecasted
B. Maxim Bhd. arrest two employees for embezzlemen
C. The government raise interest rate unexpectedly
D.

14. Financial loss from investing time and money to comply with accounting standards is the
example of which strategic risks?
A. Regulatory and compliance risks
B. Reputation and damage risks
C. Changing customer needs
D. Operational risk

15. Reputation risk arises from ______ publicity that can occur due to a ______ event or to
mismanaged business practices.
A. Positive, certain
B. Negative, uncertain
C. Favourable, possible
D. Negative, certain

16.
i. Perform regular internal audit in high-risk department
ii. Conduct an anti-fraud awareness training
iii. Encourage job hopping
iv. Review and redesigned financial incentives to compensate employee
A. i, ii and iii
B. ii, iii and iv
C. i, ii and iv
D. i, iii and iv

17. Political risk, legal risk, regulatory and compliance risk are all risks that may affect a business
due to its __________
A. regulatory environment
B. nature and operations of the business products
C. financial condition
D. strategic decisions taken by the business.

18. Which of the following would normally be classified as a corporate reputation risk?
i. Information technology failure
ii. Stricter health and safety legislation
iii. Selling products with harmful chemical
iv. Employees hired with long hours work, in poor conditions for low pay

A. i and ii
B. ii and iii
C. ii and iv
4
 CONFIDENTIAL 5 AC/MAY2022/MAF682

D. iii and iv
19. Fashnesta Bhd manufactures high quality jeans in Singapore and its main market are retail
outlets in countries overseas. Thus, the company gaining the economics of scale advantages
and help them in setting the price of their product at low price. Which of the following factors
would be the most likely to increase the risks associated with this strategy?
A.
B. Increase the cost of marketing and advertising.
C. Risk of legal action due to non-compliance with the law and regulation.
D. The currency rate in Singapore is increasing as compared to its main overseas market.

20. The Board of PVC Bhd really concern on the reputational risk due to increase in demand of its
product. Thus, the company held a meeting to discuss the reputation risk management with
all its members. Which of the following features does not apply to the discussion in relation
to the reputation risk?
A. Focus on the issue that driven adverse publicity by media.
B. Focus on the financial condition that relates to the increase in the interest rate due to
high debt financing.
C. Discussion based on assessment of issues that likely to impact the company due to

D. Issuance of press statement on

21. What is Enterprise Risk Management (ERM)?

A. A process, effected by an entity's board of directors, management, and other
personnel designed to identify potential events that may affect the entity and to
manage risk within its risk appetite
B. A process of evaluating internal controls to ensure operations are carried out
efficiently and effectively
C. A process by which compliance with laws and regulations can be assessed
D. A process designed to identify material events that may affect the financial statements
and to manage risk within the entity's risk appetite

22. Which of the following is not an element of COSO Enterprise Risk Management?
A. Enhancing risk response decisions
B. Identification of risks and opportunities affecting achievement of an entity's objectives
C. Reducing operating surprises and losses
D. Improving deployment of information technology

23. Risk appetite is the amount of risk an entity is willing to take entirely. Which of the following
statement is TRUE?
A. There is fixed amount on risk appetite.
B. Risk appetites change due to changing market environment.
C. Risk appetite reflects the attitude towards risk mitigation.
D. A larger risk appetite indicates that a business is taking smaller risks.

24. AAA Warisan Bhd. is a food manufacturer that produces Rempeyek a traditional snack that is
sold across the world and targeted both families and individuals. It carries a warning label on
5
 CONFIDENTIAL 6 AC/MAY2022/MAF682

the packet stating that the snack contains peanuts which can cause an allergic reaction in
some cases and that anyone who is considering eating this snack should be aware of the
ingredients so they are aware of the possible side-effects from any allergy they may have.
What kind of risk management strategy is the manufacturer of this snack is using?
A. Transfer
B. Avoid
C. Reduce
D. Accept

25. A hospital has a very good record of treating and discharging its patients quickly, but it is very
dependent upon its IT systems to make sure that this record is maintained. In recent years
there have not been any IT system breakdowns that adversely affected patient care. The
hospital has compiled a risk map and identified the risk of breakdown in its IT systems as being
high severity, but low frequency. How should the hospital respond to this risk? Select ALL that
apply.
i. Outsource its IT function
ii. Make sure contingency plans and procedures are in place and well understood
iii. Keep the situation under review
iv. Close the departments that would be the most severely affected by any IT breakdown

A. i and ii
B. ii and iii
C. iii and iv
D. ii and iv

26. Installing CCTV in a 24-hours convenient store is an example of risk:

A. Reduction
B. Transfer
C. Acceptance
D. Avoidance

27. LipLap Bhd is a small advertising company which provide services in peninsular Malaysia. The
company faced an unexpected death of its CEO who suddenly collapsed during meeting.
Which of the following risk mapping that the company should concern?
A. Low probability, low impact
B. Low probability, high impact
C. High probability, low impact
D. High probability, high impact

28. Establishment of risk register is of the element that should be considered in risk management
process because it can be used as risk management tools to identify the risk associated with
the company. Which of the following aspects of each risk that should not be included in such
document?
A. The probability or likelihood of the risk
B. The name of the risk owner
C. The level of risk associated with the risk

6
 CONFIDENTIAL 7 AC/MAY2022/MAF682

D. None of the above

29. The Board of PLU company wishes to put in place a series of performance measures to monitor

marketplace. Which of the following performance measure would be the least likely to help
UPL to monitor the reputations of its products?
A. Number of product return
B. Employee turnover
C. Customer interviews
D. Analysis of online consumer review forums

30. Select TWO (2) that are related to formulating risk management strategy
i. formal strategy for managing risks would purpose be given to risk managers to make
assessments of the risks
ii. monitor the implementation and effectiveness of controls
iii. ensure that controls are properly implemented
iv. review its internal control system and its adequacy quarterly

A. i and ii
B. ii and iii
C. i and iii
D. ii and iv
(TOTAL: 30 MARKS)

SECTION B

QUESTION 1
Ahmad has a restaurant that serves traditional Pahang cuisine. This restaurant was opened almost 10

restaurant is barely able to operate anymore due to the pandemic that has hit the whole world over
the past two years. To enable it to resume operations, Ahmad had to borrow from a bank a substantial
amount of loan. To increase its working capital, Ahmad also secured loans from unlicensed
moneylenders (Along).

significantly due to Ahmad's regular customers. A sharp increase in sales in a short time demands a
sound cash management system but, in this case, Ahmad has failed to do so. The financial affairs of
the restaurant had been handed entirely to his long-serving employee without knowing he had been
involved in a severe gambling addiction for the past two years. Ahmad had to do so because he wanted
to focus his time on taking care of his ailing parents.

The restaurant is also experiencing problems with the supply of fresh patin. Many of the fish farmers
are unable to operate due to damage to fish cages and the loss of fish because of the recent floods.
These factors contributed to the increase in the price of fresh fish supply. The price of fish feed is also
expected to increase soon and cause an increase in the price of fresh fish supply.

Required:
7
 CONFIDENTIAL 8 AC/MAY2022/MAF682

Identify FOUR (4) types of risks that Ahmad faces in running his restaurant, including explanations of
the impact of each risk identified on the business.
(10 marks)

QUESTION 2
A medical specialist with three partners owned a huge medical clinic and decided to diversify their
revenue streams by offering day surgery facilities. The existing clinic building will be extended to
accommodate the surgical unit and storage facilities for equipment and drugs. The objective is to
provide patients with the option of having minor surgical procedures performed by a doctor at their
local clinic, avoiding any potential delay in treatments associated with hospital referral. Blood and
surgical samples will be sent to a nearby hospital for testing, but the patient will receive the results
from their doctor at the clinic. The addition of the day surgery service is expected to enhance clinical
revenue by around 20%.

Required:

i) Identify ONE (1) additional risk that the clinic owners may encounter due to the implementation
of the new surgery facility.
(4 marks)

ii) Explain THREE (3) benefits of risk treatment (or risk response) to the clinic owners.
(6 marks)
(TOTAL: 20 MARKS)

END OF QUESTION PAPER