Certified in the Governance of Enterprise IT (CGEIT) — Question 337

Which of the following BEST reflects mature risk management in an enterprise?

Answer options

• A. A regularly updated risk register
• B. Responsive risk awareness culture
• C. Ongoing risk assessment
• D. Ongoing investment in risk mitigation

Correct answer: C

Explanation

Continuous risk assessment is essential for mature risk management as it ensures that the organization regularly identifies and evaluates potential risks. While a regularly updated risk register, a responsive risk awareness culture, and ongoing investment in risk mitigation are important, they are not as critical as the continuous assessment process that adapts to new risks.