New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca CRISC Exam - Topic 4 Question 99 Discussion

Actual exam question for Isaca's CRISC exam
Question #: 99
Topic #: 4
[All CRISC Questions]

An organization has contracted with a cloud service provider to support the deployment of a new product. Of the following, who should own the associated risk?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Dean at Jun 11, 2025, 07:11 AM

Limited Time Offer

25%

Off

Get Premium CRISC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Alyce
2 months ago
Really? I’m surprised it’s not the head of enterprise architecture.
upvoted 0 times
...
Laurel
2 months ago
The information security manager has a big role here too.
upvoted 0 times
...
Shaun
2 months ago
I think the IT risk manager should own the risk.
upvoted 0 times
...
Gracia
3 months ago
Wait, shouldn’t the product owner be responsible?
upvoted 0 times
...
Gerry
3 months ago
Totally agree, they’re the ones focused on risk!
upvoted 0 times
...
Celestine
3 months ago
This is tricky! I feel like the product owner should own the risk since they are ultimately responsible for the product's success, but I could be wrong.
upvoted 0 times
...
Olive
3 months ago
I'm leaning towards the information security manager, but I feel like the head of enterprise architecture could also have a stake in it.
upvoted 0 times
...
Amber
4 months ago
I remember a practice question where the product owner was responsible for risks related to product delivery. Could that apply here too?
upvoted 0 times
...
Claudio
4 months ago
I think the IT risk manager might be the right choice since they typically handle risk assessments, but I'm not entirely sure.
upvoted 0 times
...
Valentin
4 months ago
The product owner seems like the logical choice to me. They're accountable for the success of the new product, so they should own the associated risks.
upvoted 0 times
...
Carla
4 months ago
I'm a bit confused on this one. I'll need to review the responsibilities of each role to decide who should own the risk.
upvoted 0 times
...
Vonda
4 months ago
I think the head of enterprise architecture might be a good choice here, since they have the big-picture view of the organization's technology landscape and can assess the overall risk.
upvoted 0 times
...
Josphine
4 months ago
Hmm, I'm not sure about this one. The IT risk manager or information security manager could also be responsible for managing the cloud service provider risks.
upvoted 0 times
...
Ivan
5 months ago
This one seems straightforward - the product owner should own the risk since they're responsible for the new product deployment.
upvoted 0 times
...
Sylvie
7 months ago
Haha, good one Phil! But seriously, I'm with Candida on this one. The product owner has the most skin in the game, so they should be calling the shots.
upvoted 0 times
...
Phil
7 months ago
Hold up, did someone say 'cloud'? I heard that's where all the hackers hang out these days. Better call in the ghostbusters!
upvoted 0 times
...
Tom
7 months ago
This is a tough one, but I think the head of enterprise architecture should be in charge. They're the ones who oversee the whole system, so they're best equipped to handle the risk.
upvoted 0 times
Mari
5 months ago
The information security manager should be the one in charge. They are experts in protecting data and systems from potential threats.
upvoted 0 times
...
Shawn
6 months ago
I think the IT risk manager should be responsible. They specialize in managing and mitigating risks in IT systems.
upvoted 0 times
...
Gianna
7 months ago
I agree, the head of enterprise architecture should definitely own the risk. They have the big picture view.
upvoted 0 times
...
...
Carylon
7 months ago
Hmm, I'm not so sure. The information security manager might be a better fit, since they're the ones who have to make sure the cloud service is secure.
upvoted 0 times
...
Dorcas
7 months ago
I'd say the IT risk manager. They're the ones who should be on top of all the potential risks, right?
upvoted 0 times
Shawnna
5 months ago
B) The IT risk manager
upvoted 0 times
...
Nada
6 months ago
A) The head of enterprise architecture (EA)
upvoted 0 times
...
...
Candida
7 months ago
The product owner should own the associated risk. They're responsible for the product's success, after all.
upvoted 0 times
Hyun
7 months ago
I agree, they are responsible for the product's success.
upvoted 0 times
...
Hyun
7 months ago
The product owner should own the associated risk.
upvoted 0 times
...
...
Huey
8 months ago
But shouldn't the product owner be the one to own the risk since it's their product?
upvoted 0 times
...
Meghann
8 months ago
I disagree, I believe the information security manager should be responsible.
upvoted 0 times
...
Huey
8 months ago
I think the IT risk manager should own the risk.
upvoted 0 times
...

Save Cancel