Certified in the Governance of Enterprise IT (CGEIT) — Question 74

Which of the following is the MOST effective approach to ensure senior management sponsorship of IT risk management?

Answer options

• A. Periodically review the IT risk register entries.
• B. Benchmark risk framework against best practices.
• C. Integrate IT risk into enterprise risk management.
• D. Calculate financial impact for each IT risk finding.

Correct answer: C

Explanation

The correct answer is C because integrating IT risk into enterprise risk management aligns IT risks with the organization's overall risk strategy, making it more relevant to senior management. The other options, while useful, do not directly enhance the visibility and importance of IT risk at the executive level as effectively as integration does.