In ORM, what is the purpose of the 'supervise and review' step?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Discover the 29 Hour JKO Test. Prepare with questions, hints, and explanations. Master your exam with our tools!

Multiple Choice

In ORM, what is the purpose of the 'supervise and review' step?

Explanation:
The point of supervise and review is to ensure that the controls already put in place actually work over time and to watch for changes that could alter risk. After controls are implemented, this step checks their effectiveness, gathers evidence of performance, and flags any drift or new risks caused by changes in processes, systems, people, or external conditions. It keeps the risk picture up to date, prompts re-evaluation of residual risk, and supports continuous improvement by informing adjustments to controls or assessments as needed. Drafting risk assessments belongs to the analysis phase that identifies and evaluates risk. Selecting control measures happens earlier in the treatment or mitigation phase. Deploying hardware upgrades is a tactical action aimed at implementation, not the ongoing oversight described by supervise and review.

The point of supervise and review is to ensure that the controls already put in place actually work over time and to watch for changes that could alter risk. After controls are implemented, this step checks their effectiveness, gathers evidence of performance, and flags any drift or new risks caused by changes in processes, systems, people, or external conditions. It keeps the risk picture up to date, prompts re-evaluation of residual risk, and supports continuous improvement by informing adjustments to controls or assessments as needed.

Drafting risk assessments belongs to the analysis phase that identifies and evaluates risk. Selecting control measures happens earlier in the treatment or mitigation phase. Deploying hardware upgrades is a tactical action aimed at implementation, not the ongoing oversight described by supervise and review.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy