An enterprise has been focused on establishing an IT risk management framework. Which of the following should be the PRIMARY motivation behind this objective?
A.
Increasing the enterprise's risk tolerance level and risk appetite.
B.
Engaging executives in examining IT risk when developing policies.
C.
Promoting responsibility throughout the enterprise for managing IT risk.
D.
Maintaining a complete and accurate risk registry to better manage IT risk.
C. Promoting responsibility throughout the enterprise for managing IT risk.
While all the options presented are relevant to IT risk management, promoting responsibility throughout the enterprise for managing IT risk is the primary motivation behind establishing an IT risk management framework. This involves ensuring that everyone in the organization understands their role in identifying, assessing, mitigating, and managing IT risks. It fosters a culture of risk awareness and accountability across all levels of the enterprise.
By promoting responsibility for managing IT risk, organizations can effectively integrate risk management into their daily operations and decision-making processes, leading to a more resilient and secure IT environment. The other options mentioned are important aspects of IT risk management but are typically outcomes or components of a well-established risk management framework rather than the primary motivation.
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.CGEIT Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
SuperMax
10 months, 3 weeks ago