Which statement best distinguishes governance from management in risk oversight?

Master the CIMA Risk Management P3 exam. Prepare with flashcards, multiple-choice questions, and detailed explanations. Excel in risk management!

Multiple Choice

Which statement best distinguishes governance from management in risk oversight?

Explanation:
The key idea is separating strategic oversight from operational execution. Governance is about establishing the framework for risk—setting the policy, defining risk appetite, and providing ongoing oversight to ensure the organization stays within those bounds and that risk information reaches the right people. Management lives in the day-to-day realm: it implements controls, conducts risk assessments and responses, runs the daily risk management activities, and reports risk information up the chain. That’s why the best statement is the one that says governance sets risk policy, appetite, and oversight, while management runs day-to-day risk management and reporting. The other statements mix up who does what—day-to-day risk work belongs to management, not governance; governance does not implement controls, and it does not typically approve the strategy—that is the management’s role in practice.

The key idea is separating strategic oversight from operational execution. Governance is about establishing the framework for risk—setting the policy, defining risk appetite, and providing ongoing oversight to ensure the organization stays within those bounds and that risk information reaches the right people. Management lives in the day-to-day realm: it implements controls, conducts risk assessments and responses, runs the daily risk management activities, and reports risk information up the chain.

That’s why the best statement is the one that says governance sets risk policy, appetite, and oversight, while management runs day-to-day risk management and reporting. The other statements mix up who does what—day-to-day risk work belongs to management, not governance; governance does not implement controls, and it does not typically approve the strategy—that is the management’s role in practice.

Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy