New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

AGA CGFM Exam - Topic 2 Question 75 Discussion

Actual exam question for AGA's CGFM exam
Question #: 75
Topic #: 2
[All CGFM Questions]

Which of the following includes the aggregate level and types of risks that the organization is willing to assume in

order to achieve its Strategic objectives?

Show Suggested Answer Hide Answer
Suggested Answer: C

* What Is a Risk Profile?

A risk profile represents the aggregate level and types of risks that an organization is willing to accept in pursuit of its strategic objectives. It aligns with the organization's risk appetite and tolerance and helps prioritize and manage risks effectively.

This profile typically includes key risks, their likelihood, and potential impact, as well as how those risks align with the organization's mission and strategy.

* Why Is Risk Profile the Correct Answer?

The risk profile provides an enterprise-wide view of risks and their potential influence on achieving strategic goals. It aggregates risks across all levels of the organization and ensures that management considers them when making decisions.

* Why Other Options Are Incorrect:

A . Risk Register: While a risk register includes detailed descriptions of individual risks, it does not aggregate risk levels or types across the organization.

B . Risk and Control Evaluation Matrix: This tool evaluates specific risks and controls but does not capture the organization's overall risk appetite or profile.

D . Risk and Control Assessment Tool: This is a generic tool for assessing risks and controls, not for aggregating the overall risk picture.

* Reference and Documents:

OMB Circular A-123: Specifies the need for agencies to maintain a risk profile as part of enterprise risk management.

COSO ERM Framework (2017): Defines a risk profile as central to managing risks in alignment with strategic objectives.


by Muriel at Aug 15, 2025, 11:09 PM

Limited Time Offer

25%

Off

Get Premium CGFM Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Lou
2 months ago
Not sure about C, sounds too vague for me.
upvoted 0 times
...
Erick
2 months ago
Wait, isn't it A? I thought risk registers were more comprehensive.
upvoted 0 times
...
Lura
3 months ago
B seems like it could fit too, but I lean towards C.
upvoted 0 times
...
Cary
3 months ago
Totally agree, C is the right choice!
upvoted 0 times
...
Denae
3 months ago
I think it's definitely C, the risk profile.
upvoted 0 times
...
Arlene
3 months ago
I was leaning towards B, but now I'm second-guessing myself. I guess it depends on how they define "aggregate level" in the question.
upvoted 0 times
...
Yolando
4 months ago
I feel like I've seen a question similar to this before, and I think it was about how organizations define their risk tolerance. Could it be C again?
upvoted 0 times
...
Keneth
4 months ago
I'm not entirely sure, but I remember something about risk registers being more about tracking specific risks rather than the overall strategy.
upvoted 0 times
...
Lorrie
4 months ago
I think the answer might be C, risk profile, because it relates to the overall risk appetite of the organization.
upvoted 0 times
...
Oren
4 months ago
I'm a bit confused by the wording of this question. The options all sound similar, but I think the risk profile is the best fit based on the description provided. I'll mark that one and move on.
upvoted 0 times
...
Brande
4 months ago
Okay, I've got this. The risk profile is the document that outlines the organization's overall risk appetite and the types of risks they are willing to take on to achieve their strategic objectives. I'm confident that's the right answer.
upvoted 0 times
...
Idella
4 months ago
Hmm, this is a tricky one. I'm not entirely sure about the differences between these risk management terms. I'll have to review my notes and try to eliminate the options that don't seem to fit the description.
upvoted 0 times
...
Charlene
5 months ago
This looks like a question about risk management. I think the key is to identify the concept that describes the organization's overall risk appetite and tolerance. Let me think this through carefully.
upvoted 0 times
...
Elvera
5 months ago
Hmm, I was thinking B. The risk and control evaluation matrix seems to fit the description best.
upvoted 0 times
...
Regenia
6 months ago
I'm pretty sure it's C. The risk profile outlines the organization's risk appetite and tolerance levels.
upvoted 0 times
...
Nakisha
6 months ago
I agree with Magnolia, because the risk profile includes the aggregate level and types of risks.
upvoted 0 times
...
Magnolia
6 months ago
I think the answer is C) risk profile.
upvoted 0 times
...

Save Cancel