Certified in the Governance of Enterprise IT (CGEIT) — Question 42

An enterprise is implementing its FIRST mobile sales channel. Final approval for accepting the associated IT risk should be obtained from which of the following?

Answer options

Correct answer: C

Explanation

The Business sponsor is the correct answer because they are primarily responsible for the strategic direction and funding of the project, thus they must approve the associated IT risks. The IT steering committee, Chief information officer, and Risk manager may provide input or recommendations, but the final decision rests with the Business sponsor.