Certified in the Governance of Enterprise IT (CGEIT) — Question 284

An enterprise is approaching the escalation date of a major IT risk. The IT steering committee wants to ascertain who is responsible for the risk response. Where should the committee find this information?

Answer options

• A. Resource management plan
• B. Risk register
• C. RACI chart
• D. Risk management plan

Correct answer: C

Explanation

The RACI chart clearly outlines roles and responsibilities, making it the best source to identify who is responsible for the risk response. The resource management plan focuses on resource allocation, the risk register records identified risks, and the risk management plan provides strategies for managing risks, but none specify accountability as directly as the RACI chart.