Governance of Enterprise IT (CGEIT) Certification Practice Exam


Prepare for the CGEIT Certification Exam with confidence. Access comprehensive study materials, flashcards, and practice questions. Get equipped with the knowledge you need to excel on your exam!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!



Who holds the responsibility for risk acceptance in an organization?

  1. The enterprise risk committee.

  2. Executive management.

  3. The business process owner.

  4. The audit committee.

The correct answer is: Executive management.

Responsibility for risk acceptance lies primarily with executive management. Executive management is tasked with making strategic decisions that align with the organization's goals and with the risk appetite set by the board, and it has the authority and accountability to weigh the potential risks of an activity or initiative against its expected benefits. Executive management also has a comprehensive view of the organization's objectives, resources, and the external factors that influence risk, which allows it to make an informed choice between accepting, mitigating, or transferring a specific risk within the risk management framework the organization has established. Other entities play significant roles: the enterprise risk committee and the business process owner identify, assess, and monitor risks, and the audit committee provides independent oversight of the control environment, but none of them typically holds the final authority to accept a risk on behalf of the organization. Risk acceptance is a strategic decision that expresses how much risk the organization is willing to tolerate in pursuit of its objectives, and an accepted risk should be documented, justified against the stated risk appetite, and periodically reviewed rather than silently left in place; this is why executive management is central to the process.