
Ready to excel in your CIPS L5M2 Exams

Practice Gradezup Pass L5M2 Exams
L5M2 Quick Exam-Ready Summary:
- Core Module
- Objective / Response Exam
- 1.5 hours Exam duration
- 60 Questions in exam
- 6 Credits Score
Principles of Risk Management
Definitions, frameworks (ISO 31000, COSO), resilience, governance, risk appetite, global drivers
Risk Identification & Classification
Internal vs external risks, PESTLE/STEEPLED, Porter’s Five Forces, demand, logistics, financial, ESG risks
Risk Assessment & Analysis
Heat maps, probability–impact matrices, risk registers, Monte Carlo, FMEA, supply chain mapping
Mitigation & Management Strategies
Avoid, transfer, reduce, accept; redundancy, diversification, collaboration, contracts, BCP, DRP
Monitoring & Continuous Improvement
KRIs, dashboards, blockchain, continuous review, lessons learned, reporting, governance integration
CIPS L5M2 Exam Focus Areas – 2025 (Master List)
“These are core learning areas, but CIPS may include questions from other parts of the syllabus.” ⚠️
1. Principles of Risk Management in Supply Chains
- Key Concepts of Risk:
  - Definitions: risk, risk management, uncertainty, resilience, robustness
  - Categories of risk: pure vs speculative; known vs unknown vs unknown-unknown
  - Differences between enterprise risk management and supply chain risk management
  - Risk appetite and tolerance within organisations
  - Importance of risk culture and governance structures
- Frameworks and Approaches:
  - ISO 31000, COSO, and other formal frameworks for risk management
  - Supply chain risk maturity models (basic → advanced proactive systems)
  - Role of supply chain visibility in enabling effective risk management
- Drivers of Risk in Modern Supply Chains:
  - Globalisation and extended supply chains
  - Outsourcing and offshoring
  - Just-in-Time and lean practices (reducing buffers, increasing exposure)
  - Political, environmental, and economic volatility
2. Risk Identification and Classification
- Internal vs External Risks:
  - Internal: operational errors, process breakdowns, supplier failure, capacity shortfalls
  - External: natural disasters, geopolitical instability, pandemics, cybercrime, regulatory changes
- Risk Categorisation Frameworks:
  - PESTLE / STEEPLED (political, economic, social, technological, environmental, ethical, legal, demographic)
  - Porter’s Five Forces (impact of buyer/supplier power, competitive intensity, substitutes, new entrants)
  - Supply market mapping and segmentation
- Risk Sources in Supply Chains:
  - Procurement and sourcing risks
  - Logistics and transportation disruptions
  - Demand volatility and forecasting errors
  - Financial and currency risks
  - ESG (Environmental, Social, Governance) and reputational risks
3. Risk Assessment and Analysis
- Assessment Tools:
  - Risk registers and heat maps (likelihood vs impact grids)
  - Probability–impact matrices
  - Risk scoring and prioritisation methods
- Analytical Techniques:
  - Qualitative vs quantitative assessment
  - Monte Carlo simulation and sensitivity analysis
  - Failure Mode and Effects Analysis (FMEA)
  - Supply chain mapping to highlight critical nodes
- Prioritisation of Risks:
  - Identifying high-impact, high-likelihood events
  - Considering low-likelihood, high-impact “black swan” risks
  - Developing critical supplier risk profiles
4. Mitigation and Management Strategies
- Strategic Options (the 4Ts):
  - Avoid → eliminate risky activities/suppliers
  - Transfer → insurance, contractual clauses, outsourcing
  - Reduce → process controls, dual sourcing, supplier audits
  - Accept → live with tolerable risks
- Tactics in Supply Chain Context:
  - Redundancy (extra capacity, safety stock, alternative suppliers)
  - Diversification (multi-sourcing, multi-location)
  - Collaboration with suppliers for joint risk management
  - Contractual protection: indemnities, force majeure, liquidated damages
  - Financial instruments and insurance policies
- Business Continuity & Resilience:
  - BCP (Business Continuity Planning)
  - DRP (Disaster Recovery Planning)
  - Crisis management planning and communication strategies
5. Monitoring, Reporting, and Continuous Improvement
- Ongoing Risk Monitoring:
  - Key Risk Indicators (KRIs) and dashboards
  - Early warning systems, predictive analytics, and IoT monitoring
  - Blockchain for secure risk tracking
- Review and Learning:
  - Periodic reviews of risk registers and mitigation strategies
  - Lessons learned from major disruptions (COVID-19, Brexit, natural disasters)
  - Continuous improvement tools: Kaizen, Six Sigma, Lean links
- Governance and Reporting:
  - Risk reporting to senior management and boards
  - Integration of supply chain risk into ESG reporting and compliance obligations
  - Communication with stakeholders and regulatory bodies