Certified Internal Auditor (CIA) Part 1: Business Acumen — Question 92

Who is held responsible for oversight of the organization’s risk management framework?

Answer options

• A. Operational management.
• B. Board of directors.
• C. Internal auditors.
• D. Head of risk management.

Correct answer: D

Explanation

The Head of risk management is primarily responsible for overseeing the organization's risk management framework, ensuring that all aspects of risk are addressed effectively. While operational management, the board of directors, and internal auditors play important roles in governance and oversight, the direct responsibility for the risk management framework lies with the Head of risk management.