Question 76
Main Page
In a board presentation, you're asked about how risk ownership is distributed. What should you emphasize?
A. CISOs own all risks
B. Risk is shared across all staff equally
C. Risk owners are typically the asset or process owners
D. Legal and audit teams own operational risk
Answer: C. Risk owners are typically the asset or process owners
Those responsible for assets or business processes also own the related risks—they're in the best position to make informed decisions.