Ensuring Sufficient Time and Attention to Risk Events

C.

The CEO of a large enterprise is concerned that risk events are not regularly addressed at the C-suite level unless related to emergency incidents. To ensure risk events are given sufficient time and attention, the BEST way for the CEO is to include the discussion of key enterprise risks as an agenda item at board meetings (Option C).

Explanation:

Option A: Instruct managers to take ownership for their department's identified risks This option suggests that managers should take ownership of their department's identified risks. However, this approach does not address the CEO's concern about risk events not being regularly addressed at the C-suite level.

Option B: Issue performance objectives that target the elimination of enterprise risks This option suggests issuing performance objectives that target the elimination of enterprise risks. While it is important to set objectives, this approach does not guarantee that risks will be regularly addressed at the C-suite level.

Option C: Include the discussion of key enterprise risk as an agenda item at board meetings This option suggests that the CEO includes the discussion of key enterprise risks as an agenda item at board meetings. This is the BEST option as it ensures that risk events are given sufficient time and attention at the highest level of the organization. Regular discussions at the board level will encourage the C-suite to address risks and ensure that they are managed appropriately.

Option D: Require the development of a risk procedure on how to capture risks This option suggests requiring the development of a risk procedure on how to capture risks. While it is important to have a procedure in place, this approach does not address the CEO's concern about risk events not being regularly addressed at the C-suite level.