CRISC Certified in Risk and Information Systems Control – Question706

Who is the MOST appropriate owner for newly identified IT risk?

A.
The manager responsible for IT operations that will support the risk mitigation efforts
B. The individual with the most IT risk-related subject matter knowledge
C. The individual with authority to commit organizational resources to mitigate the risk
D. A project manager capable of prioritizing the risk remediation efforts

Correct Answer: B