Certified in the Governance of Enterprise IT (CGEIT) — Question 210

Which of the following is the MOST effective way to manage risks within the enterprise?

Answer options

• A. Make staff aware of the risks in their area and risk management techniques.
• B. Provide financial resources for risk management systems.
• C. Document procedures and reporting processes.
• D. Assign individuals responsibilities and accountabilities for management of risks.

Correct answer: D

Explanation

Assigning individuals responsibilities and accountabilities for management of risks ensures that there is clear ownership and oversight of risk-related activities, leading to more effective risk mitigation. While raising awareness, providing resources, and documenting processes are important, they are less effective without clearly defined roles that drive accountability and action.