An IT governance committee is defining a risk management policy for a portfolio of IT-enabled investments. Which of the following should be the PRIMARY consideration when developing the policy?
A. Risk appetite of the enterprise
B. Risk management framework
C. Value obtained with minimum risk
D. Possible investment failures
A. Risk appetite of the enterprise
B. Risk management framework
C. Value obtained with minimum risk
D. Possible investment failures