Regarding corporate risk governance, which of the following statements is not wrong?
  A.Management of the organization is ultimately responsible for risk oversight.
  B.The point of risk governance is to minimize the amount of risk taken by the organization.
  C.Effective risk governance requires multiple levels of accountability and authority.
  D.A risk committee is useful for enforcing the firm’s risk governance principles
  Answer: C
  The Board of Directors is ultimately responsible for risk oversight.
  Effective risk governance simply requires dear accountability; authority; and methods of communication; it is not necessary to have multiple levels.
  The point of risk governance is to consider the methods in which risk-taking is permitted, optimized, and monitored; it is not necessarily to minimize the amount of risk taken.
  The real point of risk governance is to increase the value of the organization from the perspective of the shareholders and/or stakeholders.