Which risk management activity would cause the internal auditor to assume a management responsibility?
Which risk management activity would cause the internal auditor to assume a management responsibility?
Prioritizing risks for management would cause the internal auditor to assume a management responsibility because this action involves making decisions that are typically the responsibility of management. Assessing management's acceptance of risk, reviewing a cybersecurity risk report issued by management, and developing a list of emerging risks for management are all activities that support management without taking on their decision-making role.
Why not c