Certified in the Governance of Enterprise IT (CGEIT) — Question 40

The approval of an enterprise risk management framework is the role of the:

Answer options

• A. chief information officer.
• B. chief risk officer.
• C. IT steering committee
• D. board of directors.

Correct answer: D

Explanation

The board of directors has the ultimate authority and responsibility for approving the enterprise risk management framework, ensuring that it aligns with the organization's objectives. The other options, while involved in risk management, do not have the final say in the approval process.