CIPS Level 5 – Advanced Diploma in Procurement and

Supply

Managing Supply Chain Risk

[L5M2]

Sample Exam Questions (Objective Response)

The correct answer will be listed below each question

L5M2 Sample Questions V4 Sept 2020

Q1. The probability of discrete events with only a couple of outcomes would be a description of the focus of
which type of probability distribution?

a. Scalar distribution

b. Adverse distribution

c. Binomial distribution

d. Correlated distribution

LO: 3
AC: 3.1
Correct answer: C

Q2. ManCo Inc. is a global manufacturing organisation. It has a highly integrated supply chain. All parties are
interconnected with the result that data availability and transparency are high. ManCo’s CPO is particularly
concerned about the technological risk this approach may cause. Which of the following is such a risk for
ManCo?

a. Cyber-crime

b. Global economics

c. Labour standards

d. Economic uncertainty

LO: 1
AC: 1.1
Correct answer: A

Q3. RN Co. Ltd has entered into an agreement with a customer to manage its logistics operations. When
drawing up the contract with the customer it has decided to include a force majeure clause. Which of the
following is an example of force majeure?

a. RN Co. Ltd delivery vehicle breaks down for the third time in a week

b. RN Co. Ltd experience staff shortages of drivers and warehouse staff

c. RN Co. Ltd unable to deliver due to heavy flooding and hurricanes

d. RN Co. Ltd unable to deliver due to an administrative error by its accounts department

LO: 2
AC: 2.1
Correct answer: C

Learning outcome (LO) Assessment criteria (AC) The correct answer is listed below each question
Q4. The Sarbanes-Oxley regulations are mostly focused on …
1. investor protection
2. product quality
3. clear commercial advertising
4. corporate financial disclosure

a. 2 and 3 only

b. 1 and 2 only

c. 3 and 4 only

d. 1 and 4 only

LO: 1
AC: 1.3
Correct answer: D

Q5. Risk ownership in an organisation or company must reside with …

1. a senior level of management within the company structure
2. a risk manager regardless of position or level
3. individuals with the authority to take actions
4. the individual that initially identified the risk

a. 1 and 2 only

b. 2 and 3 only

c. 1 and 3 only

d. 2 and 4 only

LO: 3
AC: 3.3
Correct answer: C

Learning outcome (LO) Assessment criteria (AC) The correct answer is listed below each question
Q6. Is it good practice to encourage whistle-blowing amongst employees working in the supply chain if they
suspect unethical behaviour in the supply chain?

a. Yes, because these staff are more likely to be aware of such malpractices

b. Yes, because they will always know if there is unethical behaviour

c. No, because there is usually no means of them doing so confidentially

d. No, because in many countries this will be illegal as it is confidential information

LO: 1
AC: 1.3
Correct answer: A

Q7. A procurement manager is responsible for a high-risk and medium-value contract for which the
procurement organisation is critically dependent on an outsourced supplier. The procurement manager has
requested that the supplier submits a disaster recovery plan. Is a disaster recovery plan appropriate in this
scenario?

a. Yes, a disaster recovery plan, but not remedial actions, should be a requirement for all suppliers on all
contracts

b. No, the procurement manager is responsible for creating the disaster recovery plan

c. No, disaster recovery planning is only required on high-risk and high-value contracts

d. Yes, the plan will show how the supplier will continue to operate and deliver the service in a disaster
situation

LO: 2
AC: 2.2
Correct answer: D

Learning outcome (LO) Assessment criteria (AC) The correct answer is listed below each question
Q8. Recognised risk management approaches to mitigate risks include which of the following? Select TWO
that apply.

a. Treat

b. Trust

c. Translate

d. Test

e. Transfer

LO: 3
AC: 3.4
Correct answer: A & E

Q9. Software Development Inc. (SDI) develops and markets a range of business applications and products. It
has its own product development resource but also uses external contractors where expertise is not available
in-house. SDI is just about to start working with a small organisation called XNX Developers (XNX) on a highly
secret new development currently known as Project Y. SDI and XNX have worked together successfully in the
past. Ultimately, when the development is completed, SDI will pay XNX a one-off fee for exclusive and full
ownership of Project Y.

XNX is happy with this arrangement as it needs an injection of funds to support the development of its own
product range and bank finance is not available. SDI and XNX have also reached an agreement on XNX’s
acceptance to compensate SDI for potential future liability on Project Y in respect of the development work it
has undertaken.

Based on the information provided, which of the following clauses will be a priority for SDI to include in the
contract to address its specific needs?
1. Intellectual property rights
2. Force majeure
3. Jurisdiction
4. Indemnity

a. 1 and 2 only

b. 2 and 3 only

c. 3 and 4 only

d. 1 and 4 only

LO: 2
AC: 2.1
Correct answer: D

Learning outcome (LO) Assessment criteria (AC) The correct answer is listed below each question
Q10. Pharma Group Chemicals (PGC) is conducting a review of its key contracts, part of which involves a
detailed risk assessment of supplier and supply chain risks in respect of a number of its most important
products. PGC’s CPO is anxious to ensure that changes in PGC’s external environment are closely monitored
and any risks arising from the changes are acted on accordingly. The findings in respect of PGC’s top five
products are:

Product 1 – Most significant exposure is to exchange rate fluctuations. It is recommended that currency
options are used.

Product 2 – The countries where the product is used have changing population age profiles which could
impact on demand. However, this is not a significant risk so the recommendation is to do nothing at this
stage.

Product 3 – We have been aware of previous mistreatment of workers within the supply chain. Despite our
best efforts this does not seem to have been resolved, the supplier has been informed that the contract will
be ended and the contingency supplier used given their track record of impeccable conduct.

Product 4 – Local government interference has been a problem on this contract. Third party guarantees are to
be taken to help manage the risk.

For each of the products, you are required to match the external factors with the risk action taken. Choose
from these options and drag and drop your answers into the table below. [8 marks]

You can only use each option once.

Demographic factor Political factor

Economic factor Tolerate
Transfer Ethical factor
Terminate Treat

Product Type of External Factor Risk Management action

1
2
3
4

LO: 1 and 3
AC: 1.1 and 3.4
Correct answer:

Product Type of External Factor Risk Management action

1 Economic Treat
2 Demographic Tolerate
3 Ethical Terminate
4 Political Transfer

Learning outcome (LO) Assessment criteria (AC) The correct answer is listed below each question
Q11. Company A has been trying to manage risk more effectively. The management team have decided to use
a risk probability/impact matrix. The purpose of the matrix is to plot …

a. likelihood of occurrence against length of occurrence

b. seriousness of occurrence against reason for occurrence

c. likelihood of occurrence against seriousness of impact

d. rate of occurrence against length of occurrence

LO: 3
AC: 3.1
Correct answer: C

Q12. A fire at the depot of a transport company destroys its vehicle fleet. It is insured and so in time the
vehicles can be replaced. However, in the short-term it cannot fulfil customer orders and so loses business.
This loss of business is known as which of the following?

a. Consequential loss

b. Direct loss

c. Positive loss

d. Standard loss

LO: 1
AC: 1.1
Correct answer: A

Learning outcome (LO) Assessment criteria (AC) The correct answer is listed below each question
Q13. Which of the following are potential technology risks for a procurement organisation?
1. Cyber-crime
2. Cargo theft
3. Ransomware attack
4. Under-investment

a. 1 and 2 only

b. 2 and 4 only

c. 1 and 3 only

d. 3 and 4 only

LO: 1
AC: 1.1
Correct answer: C

Q14. Which of the following are types of intellectual property protection?

1. Indemnity
2. Warranty
3. Copyright
4. Trademark

a. 1 and 2 only

b. 2 and 4 only

c. 1 and 3 only

d. 3 and 4 only

LO: 2
AC: 2.1
Correct answer: D

Learning outcome (LO) Assessment criteria (AC) The correct answer is listed below each question
Q15. Unforeseen events that arise during a contract will be treated as ‘force majeure’ and all parties will be
excluded from liability. Is this correct?

a. Yes, but only if the event is genuinely beyond the control of one or all of the parties

b. No, a contract is legally binding, and the parties cannot be excluded from any liability

c. Yes, all parties will be excluded from liability even if only a minor problem arises in the contract

d. No, it is not possible to exclude responsibility for liability that might arise under a contract

LO: 2
AC: 2.1
Correct answer: A

Q16. The principle of ‘utmost good faith’ lies at the heart of contracts for the provision of insurance. Is this
correct?

a. No, caveat emptor is the fundamental principle of all insurance related contracts

b. Yes, it places the burden of responsibility on the insurance company to check the facts

c. No, it is always assumed that there are no material facts unless they are expressly stated

d. Yes, all relevant information must be fully disclosed otherwise the insurance will be void

LO: 2
AC: 2.3
Correct answer: D

Learning outcome (LO) Assessment criteria (AC) The correct answer is listed below each question
Q17. The conventional methodology for assessing risks involves the evaluation of which of the following?
Select TWO that apply.

a. Contingency

b. Responsibility

c. Probability

d. Recovery

e. Impact

LO: 3
AC: 3.1
Correct answer: C & E

Q18. Which of the following is true about the concept of ‘normal distribution’? Select THREE that apply.

a. It is based on probability

b. It is depicted as a straight line

c. The values are evenly distributed

d. It is symmetric in shape

e. It shows the variation in extreme points

f. Most values are around the mean

LO: 3
AC: 3.1
Correct answer: A, D & F

Learning outcome (LO) Assessment criteria (AC) The correct answer is listed below each question
Q19. Major International Manufacturing (MIM) has a strict risk management policy, requiring all risks to be
fully evaluated and appropriate action taken. One recent example was a risk for which MIM was able to take
out insurance to provide full protection.
A different, second risk arose because a trusted supplier had short-term performance issues. MIMG was
comfortable accepting this risk as the supplier was aware of the issue and had promised it was now resolved.
MIM’s approaches to dealing with these two risks can be best described as which of the following?

1. Terminate
2. Tolerate
3. Transfer
4. Treat

a. 1 and 2 only

b. 2 and 3 only

c. 3 and 4 only

d. 1 and 4 only

LO: 3
AC: 3.4
Correct answer: B

Q20. Green Power Group (GPG) manufactures different types of wind turbines and solar panels. A number of
changes in GPG’s external environment have been identified as creating potential risks. GPG has a risk
framework which sets out its policy for responding to such risks. Relevant information is as follows:

Risk 1 – Extreme volatility in USD currency rates, against other major currencies, has had an impact on GPG’s
costs. The risk has a medium to high rating (probability/impact). In accordance with the GPG risk framework,
the risk is too great to be ignored and so a detailed plan with specific actions of mitigation is being
implemented.

Risk 2 – Recent changes in demographics indicate potential future changes in consumer spending patterns
which might impact on the pricing of GPG’s products. The risk has been assessed as very low
(probability/impact). The risk has been noted in the GPG risk register, but no further action is required apart
from monitoring the situation annually.

Risk 3 – Due to pressure from lobby groups, GPG has changed its sourcing strategy to ensure that all
components are compatible with its sustainability policy. To accommodate its requirements GPG has started
using some new suppliers which has created additional transit and storage risks, for which GPG has taken out
insurance cover from a third-party specialist provider.

Risk 4 – Systems developments are now facilitating end-to-end supply chain integration. GPG is under
pressure to achieve such integration so it does not fall behind its rivals. However, not all GPG suppliers have
compatible systems. This has been recognised as a potential risk for GPG and the impact is potentially very
significant as the board considers GPG’s survival is dependent on full systems integration. The board has

Learning outcome (LO) Assessment criteria (AC) The correct answer is listed below each question
already decided that any suppliers which are unable to comply with GPG’s requirements will have to be
replaced.

You are required, for each risk, to determine the relevant external factor and the most appropriate risk
response.

You can only use each option once.

Environmental factor Economic factor

Social factor Technology factor
Transfer Treat
Tolerate Terminate

Risk Response External Factor

1
2
3
4

LO: 1 and 3
AC: 1.1 and 3.4
Correct answer:

Risk Response External Factor

1 Treat Economic
2 Tolerate Social
3 Transfer Environmental
4 Terminate Technology

Learning outcome (LO) Assessment criteria (AC) The correct answer is listed below each question