Certified in the Governance of Enterprise IT (CGEIT) — Question 33

To ensure IT risk is managed in a consistent manner, it is MOST important for IT governance to establish a:

Answer options

• A. risk management reporting tool to ensure compliance.
• B. balanced scorecard that includes IT risks.
• C. risk management committee to identify IT-related risks.
• D. risk management framework.

Correct answer: C

Explanation

The correct answer is C because a risk management committee plays a vital role in identifying and addressing IT-related risks effectively. While the other options such as tools and frameworks are important, they do not directly focus on the proactive identification of risks, which is essential for consistent risk management.