easy · FRM Part 2 Operational Risk
A Tier-1 bank conducts a 'fourth-party' risk assessment and discovers that all three of its diverse cloud providers (A, B, and C) utilize the same specialized hardware security module (HSM) vendor for cryptographic key storage. This scenario represents:
- A violation of the shared responsibility model's data integrity requirement under contract.
- A systemic single point of failure through unmanaged sub-outsourcing (fourth-party concentration).
- Diversification of operational risk achieved through use of industry-standard security hardware.
- Exogenous liquidity risk resulting from increased margin requirements on the hardware collateral pool.
Sign up free to see the explanation and track your rank →
More FRM Part 2 Operational Risk practice
- Which of the following describes the 'One Big Loss' principle for heavy-tailed (subexponen
- Under the current Basel Standardized Measurement Approach (SMA) for operational risk, whic
- Which of the following is NOT one of them?
- What is the marginal coefficient for the portion of the BI that exceeds 30 billion euros?
- According to standard regulatory definitions (such as SR 11-7), which three components are
- A material change to a model is most likely to be triggered by which event?
- How long is the historical window required for calculating the average annual operational
- In the Bow-Tie analysis framework, where do 'Preventive Controls' sit relative to the oper