A project sponsor is the person or group who provides the financial, political, or organizational support for a project, and who has the authority to approve or reject the project’s objectives, scope, budget, schedule, and deliverables.
The primary recipient of reports showing the progress of a current IT risk mitigation project should be the project sponsor, because they are ultimately responsible for the success or failure of the project, and they need to be informed of the project’s status, issues, risks, and achievements on a regular basis.
The other options are not the primary recipients of reports showing the progress of a current IT risk mitigation project. They are either secondary or not essential for project reporting.
The references for this answer are:
Risk IT Framework, page 21
Information Technology & Security, page 15
Risk Scenarios Starter Pack, page 13
Submit