Free ISACA CISM Actual Exam Questions - Question 14 Discussion
Question No. 14
Which of the following is the responsibility of a risk owner?
Select one option, then reveal solution.
US
JG
Jason G.
2026-02-21
C imo, risk owners usually sign off on treatment plans, not implement them directly.
0
NR
Naveed R.
2026-01-28
A/B? I think B is less likely since control effectiveness is more an auditor or control owner job, but the risk owner definitely has to work closely on treatment, so A fits better than C or D.
0
IW
Irfan W.
2026-01-23
It’s C for me. The risk owner typically approves risk treatment plans rather than directly handling implementation, which is more on control owners or others involved in the process.
0
IW
Irfan W.
2026-01-19
A imo, because the risk owner is usually hands-on with making sure the treatment plans get done, not just approving them like in C or D. B feels more like what auditors or control owners do.
0
CC
Chris C.
2026-01-15
Probably A
0