Certification in Risk Management Assurance™ (CRMA®) Exam Syllabus — Domain I
Organizational governance related to risk management (25-30%)
A. Assess risk management processes in the context of alignment with strategic imperatives
- Objectives of risk management processes
- Organization's risk culture
- Risk capacity, appetite, and tolerance of organization
B. Assess the processes related to the elements of the internal environment in which organizations seek to manage risks and achieve objectives
- Integrity, ethical values, and other soft controls
- Role, authority, responsibility, etc., for risk management
- Management's philosophy and operating style
- Legal/Organizational structure
- Documentation of governance-related decision-making
- Capabilities, in terms of people and other resources (e.g., capital, time, processes, systems, and technologies)
- Management of third party business relationships
- Needs and expectations of key internal stakeholders
- Internal policies
C. Assess the processes related to the elements of the external environment in which organizations seek to manage risks and achieve objectives
- Key external factors (drivers and trends) that may impact the objectives of the organization
- Needs and expectations of key external stakeholders (e.g., involved, interested, influenced)