题目
Which of the following is TRUE about the bank's audit function?
选项
A.Internal audit is necessary because it is virtually impossible to rate (i.e., assign ratings to) the risk management function.
B.The firm's operational risk management should report directly to the internal audit function.
C.Internal auditors are responsible for reviewing monitoring procedures, tracking the progress of risk management system upgrades, and affirming the efficacy of vetting processes.
D.The assistance of internal audit should not be required to the risk governance function: a properly designed risk governance function should be able to ascertain compliance alone.
答案
C
解析
In regard to A, GARP recommends rating risk management practices: A risk management function can be rated. This rating may be used internally or by third parties.In regard to B, Risk management must be independent, even from internal audit.In regard to D, Internal audit is an essential complement to risk management. 关于A,GARP协会建议对风险管理实践进行评级:可以对风险管理功能进行评级。 此等级可以在内部使用,也可以由第三方使用。 关于B,风险管理必须独立于内部审计。 关于D,内部审计是风险管理的重要补充。