Question 15 - GAQM ISO-31000-CLA Real Exam Questions [Feb 2026 Update]

Q: 15

Which of the following ensures that uncertainty is managed so the organization can meet its objectives?

Options

Correct Answer:

Explanation

Enhanced Risk Management (ERM) describes a mature and integrated approach where risk management is embedded into an organization's governance, strategy, and decision-making processes. Its primary goal is to proactively manage the "effect of uncertainty on objectives," which is the definition of risk according to ISO 31000. By enhancing risk management, an organization moves beyond simple compliance to use the framework as a strategic tool to improve performance, foster innovation, and ensure its objectives are met. This aligns directly with the purpose of risk management as defined in the ISO 31000 standard, which is to create and protect value.

Why Incorrect

A. Extended risk management: This is not a standard or formally recognized term within the ISO 31000 framework or mainstream risk management literature.

C. Evasive risk management: This is not a recognized term. The word "evasive" implies avoiding responsibility, which is contrary to the proactive and accountable principles of ISO 31000.

D. Avoidance risk management: Risk avoidance is a specific risk treatment option (i.e., deciding not to pursue an activity), not a comprehensive management system for achieving all organizational objectives.

References

1. ISO 31000:2018, Risk management — Guidelines, Clause 4, Principles. The standard states, "The purpose of risk management is the creation and protection of value. It improves performance, encourages innovation and supports the achievement of objectives." An "enhanced" system is one that successfully fulfills this purpose.

2. Leitch, M. (2010). "ISO 31000:2009—The new international standard on risk management". Risk Analysis: An International Journal, 30(6), 887-892. The paper discusses how the standard provides a basis for organizations to improve and enhance their risk management practices to better support the achievement of objectives (p. 888, Section 2). DOI: https://doi.org/10.1111/j.1539-6924.2010.01426.x

3. Purdy, G. (2010). "ISO 31000:2009—Setting a New Standard for Risk Management". Risk Analysis, 30(6), 881-886. This article explains that ISO 31000 is designed to help organizations enhance the likelihood of achieving objectives by managing uncertainty effectively (p. 882, Introduction). DOI: https://doi.org/10.1111/j.1539-6924.2010.01442.x

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE