CRISC Certified in Risk and Information Systems Control – Question808

An organization has introduced risk ownership to establish clear accountability for each process. To ensure effective risk ownership, it is MOST important that:

A.
risk owners have decision-making authority.
B. senior management has oversight of the process.
C. segregation of duties exists between risk and process owners.
D. process ownership aligns with IT system ownership.

Correct Answer: C