OCEG Exam GRCP Topic 1 Question 13 Discussion

Actual exam question for OCEG's GRCP exam

Question #: 13
Topic #: 1

[All GRCP Questions]

In the IACM, what are the two types of Proactive Actions & Controls?

AReactive Actions & Controls and Passive Actions & Controls

BPrevent/Deter Actions & Controls and Promote/Enable Actions & Controls

CCentralized Actions & Controls and Decentralized Actions & Controls

DQuantitative Actions & Controls and Qualitative Actions & Controls

Show Suggested Answer

Suggested Answer: B

The two types of Proactive Actions & Controls in the IACM are:

Prevent/Deter Actions & Controls:

Focus on avoiding unfavorable events and reducing risks before they occur.

Example: Implementing security protocols to deter cyberattacks.

Promote/Enable Actions & Controls:

Facilitate the realization of opportunities and favorable outcomes.

Example: Employee training programs to improve productivity.

Why Other Options Are Incorrect:

A: Reactive and passive actions are not proactive by definition.

C: Centralization/decentralization pertains to organizational structure.

D: Quantitative and qualitative are methods, not categories of controls.

OCEG IACM Framework: Details types of proactive controls for risk and opportunity management.

by Detra at Jun 14, 2025, 01:32 PM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

19 hours ago

I was just about to say the same thing! Looks like we're on the same page.

upvoted 0 times

...

4 days ago

I think the two types are Prevent/Deter Actions & Controls and Promote/Enable Actions & Controls.

upvoted 0 times

...

7 days ago

B) Prevent/Deter Actions & Controls and Promote/Enable Actions & Controls. That's the correct answer, I'm sure of it.

upvoted 0 times

...