A. Risk owner
The risk owner is responsible for overseeing the control environment and ensuring that the controls put in place to mitigate identified risks are effective. This includes monitoring the controls' performance, assessing their adequacy, and taking corrective actions if needed. While security monitoring operations and system owners play crucial roles in implementing and maintaining controls, the ultimate accountability for control effectiveness often rests with the risk owner, as they have a vested interest in managing the associated risks. Data owners, on the other hand, may be responsible for specific data-related controls but not necessarily the entire control environment.
Is the control must be security related?
I will go for A, risk owner.
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.CRISC Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Staanlee
10 months, 3 weeks agoCbtL
1 year, 3 months agohelg420
1 year, 3 months agoSuchib
1 year, 7 months agoCeecil1959
2 years, 3 months agotsangckl
2 years, 4 months ago