CISI Risk in Financial Services Cheat Sheet

May 1, 2026

Review a compact CISI Risk in Financial Services cheat sheet for operational, credit, market, liquidity, investment, model, governance, oversight, and ERM traps before Finance Prep practice.

On this page

Use this CISI Risk in Financial Services cheat sheet as a risk-type and governance checklist before mixed practice. The exam usually rewards the answer that identifies the risk type, owner, control failure, and escalation level rather than applying one generic “risk management” response.

Open CISI Risk in Financial Services practice for the free 100-question diagnostic, topic pages, timed mocks, and the full Finance Prep practice bank.

Open Risk practice Try the free diagnostic

Exam snapshot

Item	CISI Risk cue
Provider	CISI
Exam	Risk in Financial Services
Format	100 multiple-choice questions in 120 minutes
Main practice behavior	identify risk types, governance responsibilities, control responses, and enterprise-risk tradeoffs
Finance Prep status	live practice available

Topic checklist

Area	What to know	Common trap
Risk principles	appetite, tolerance, capacity, culture, controls, three lines	confusing a formal statement with actual behavior
International regulation	capital, liquidity, conduct, systemic-risk, supervisory themes	memorizing names without knowing control purpose
Operational risk	process failure, people, systems, cyber, outsourcing, incidents	calling every event market or credit risk
Credit risk	default, counterparty, exposure, collateral, concentration	focusing only on borrower failure
Market risk	rates, equity, FX, commodity, volatility, VaR-style thinking	treating all price movement as investment risk
Investment risk	portfolio volatility, concentration, benchmark, client exposure	ignoring mandate and objective
Liquidity risk	funding liquidity, market liquidity, stress, cash-flow pressure	assuming liquid assets always sell at fair value
Model risk	data, assumptions, validation, limitations, governance	trusting output because the model is complex
Governance and oversight	board, senior management, risk committees, reporting, challenge	assigning ownership to the wrong level
ERM	enterprise view, aggregation, risk appetite, stress, culture	managing each risk silo in isolation

Must-know distinctions

Risk appetite versus risk tolerance: strategic willingness versus specific limits or thresholds.
Operational risk versus market risk: process/system failure versus market-price movement.
Funding liquidity versus market liquidity: ability to raise cash versus ability to sell assets without unacceptable price impact.
Credit risk versus counterparty risk: borrower failure versus trading or transaction counterparty failure.
Model risk versus data risk: model design and assumptions versus input quality and data governance.
Risk culture versus risk framework: behavior and incentives versus formal policies and structures.

Common traps

Choosing a board action when the stem needs management escalation or control remediation first.
Treating a loss event as the same thing as the underlying risk cause.
Ignoring concentration when individual exposures look acceptable.
Trusting model output without asking about validation, assumptions, or data quality.
Picking the control that reduces one risk while worsening liquidity, conduct, or operational exposure.

Practice strategy

After each set, sort misses into risk identification, ownership, control response, or governance escalation. If you can name the risk but cannot name the owner or control response, drill the topic page before another full diagnostic.

Revised on Monday, May 25, 2026

Free Practice Exam