Certified in the Governance of Enterprise IT (CGEIT) — Question 341

Which of the following is the BEST way to implement effective IT risk management?

Answer options

• A. Minimize the number of IT risk management decision points.
• B. Adopt risk management processes.
• C. Establish a risk management function.
• D. Align with business risk management processes.

Correct answer: D

Explanation

Aligning IT risk management with business risk management processes ensures that IT risks are managed in a way that supports overall organizational objectives. While the other options may contribute to risk management, they do not provide the comprehensive integration that is necessary for effectiveness.