CRISC Certified in Risk and Information Systems Control – Question380

Which of the following are the responsibilities of Enterprise risk committee? Each correct answer represents a complete solution. Choose three.

A.
React to risk events
B. Analyze risk
C. Risk aware decision
D. Articulate risk

Correct Answer: BCD

Explanation:

Explanation:
Risk aware decision, analyzing risk, and articulating risk are the responsibilities of Enterprise risk committee. They are the executives who are accountable for the enterprise level collaboration and consensus required to support enterprise risk management (ERM) activities and decisions. An IT risk council may be established to consider IT risk in more detail and advise the enterprise risk committee. ERC ensure that these activities are completed successfully.
Incorrect Answers:
A: ERM is not responsible for reaction over risk events. Business process owners are accounted for this task.