Isaca Certified in the Governance of Enterprise IT Exam CGEIT Question # 123 Topic 13 Discussion
Senior management wants to promote investment in IT, but is uncertain that associated risks are being properly identified. The BEST way to address this concern is to:
A. engage an external consultant to develop risk scenarios.
B. appoint an IT representative to the business risk committee.
C. assign an IT cost controller to the finance department.
Appointing an IT representative to the business risk committee is the best way to address senior management’s concern about IT investment risks, as it would ensure that IT risks are properly identified, assessed, and communicated to the business stakeholders. The IT representative would also be able to align IT risk management with the enterprise’s risk appetite and strategy, and provide input and feedback on the IT investment decisions. The other options are not as effective, as they do not involve direct collaboration and communication between IT and business on risk matters.

References:
CGEIT Review Manual (Digital Version), Chapter 4: Risk Optimization, Section 4.3: IT Risk Management, Subsection 4.3.1: IT Risk Management Overview, Page 153
CGEIT Review Manual (Digital Version), Chapter 4: Risk Optimization, Section 4.3: IT Risk Management, Subsection 4.3.2: IT Risk Management Process, Page 156
CGEIT Review Manual (Digital Version), Chapter 4: Risk Optimization, Section 4.3: IT Risk Management, Subsection 4.3.5: Roles and Responsibilities for IT Risk Management, Page 161