What type of policy provides instructions on what actions should be avoided by the organization?
Correct Answer: C
AProscriptive Policyoutlinesactions or behaviors that should be avoidedto ensure compliance, ethical conduct, and risk mitigation. * Definition of Proscriptive Policies: * Focus on prohibited activities or practices that may harm the organization or breach regulations. * Example: Policies banning insider trading or discriminatory practices. * Purpose: * Protect the organization from legal, reputational, or operational risks by explicitly identifying unacceptable behaviors. * Why Other Options Are Incorrect: * A: Prescriptive policies specify actions that should be taken, not avoided. * B: Procedural policies provide step-by-step instructions for processes, not prohibitions. * D: Reactive policies respond to incidents after they occur, rather than proactively avoiding them. References: * ISO 37301 (Compliance Management Systems): Discusses proscriptive policies in regulatory compliance. * COSO Framework: Highlights the role of policies in mitigating risk.
Question 167
How is the efficiency of the LEARN component measured in terms of the use of capital?
Correct Answer: A
Question 168
What type of events should be discovered through inquiry?
Correct Answer: B
Question 169
Which aspect of culture includes workforce satisfaction, loyalty, turnover rates, skill development, and engagement?
Correct Answer: B
Question 170
In the IACM, what is the role of Promote/Enable Actions & Controls?
Correct Answer: A
Promote/Enable Actions & Controlsin theIACMfocus on creating conditions that foster positive outcomes and support the achievement of organizational objectives. These actions aim to increase the likelihood of favorable events by empowering employees, improving processes, and encouraging desirable behaviors. Key Points About Promote/Enable Actions & Controls: * Purpose: * These actions are designed to enhance performance, innovation, and collaboration across the organization. * Examples include leadership development programs, employee incentives, and knowledge- sharing platforms. * Alignment with Organizational Objectives: * Promote/Enable controls help align employee actions and behaviors with strategic goals, ensuring that favorable outcomes are achieved. * Examples: * Offering training programs to improve skills and increase employee performance. * Establishing rewards programs to motivate employees. Why Option A is Correct: Promote/Enable Actions & Controls aim toincrease the likelihood of favorable events, aligning employees and processes with organizational objectives. Why the Other Options Are Incorrect: * B: While communication may support favorable outcomes, it is not the primary focus of Promote /Enable actions. * C: Setting performance metrics is part of governance or monitoring, not promotion or enablement. * D: Mitigating security threats is a preventive or corrective action, not a Promote/Enable activity. References and Resources: * Balanced Scorecard Framework- Emphasizes enabling actions for strategic alignment. * ISO 9001:2015- Promotes a culture of continual improvement and innovation.
