CGEIT Question #594: Real Exam Question with Answer & Explanation
The correct answer is B: The enterprise risk management (ERM) framework. When developing IT risk management policies and standards, it is most important to align them with the overarching enterprise risk management (ERM) framework to ensure consistency and holistic risk governance across the organization.
Question
When developing IT risk management policies and standards, it is MOST important to align them with:
Options
- A. The corporate risk culture
- B. The enterprise risk management (ERM) framework
- C. Enterprise goals and objectives
- D. Best practices for IT risk management
Explanation
When developing IT risk management policies and standards, it is most important to align them with the overarching enterprise risk management (ERM) framework to ensure consistency and holistic risk governance across the organization.
Common mistakes.
- A. While corporate risk culture influences risk management, the ERM framework provides the structured governance and methodology that policies and standards should follow.
- C. Enterprise goals and objectives are critical drivers for ERM, but the ERM framework is the specific mechanism for translating these goals into actionable risk management policies and standards.
- D. Best practices for IT risk management are valuable guides, but they should be adapted and integrated within the organization's specific ERM framework, not adopted in isolation.
Concept tested. IT risk management alignment with ERM