The risk practitioner is responsible for determining which stakeholders need to be involved in the development of a risk scenario, as they have the knowledge and skills to facilitate the process and ensure that the relevant perspectives and information are considered. The risk owner, the compliance manager, and the control owner are examples of stakeholders who may participate in the risk scenario development, but they are not responsible for determining who should be involved. References = Risk Scenarios Toolkit, page 9; CRISC Review Manual, 7th Edition, page 101.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit