Role of the Risk Function
The risk function is responsible for documenting, monitoring, and overseeing risk policies and
frameworks.
It ensures the organization maintains structured risk governance, reporting, and compliance.
Key Responsibilities
Developing Risk Management Manuals to define risk appetite, risk frameworks, and risk governance
structures.
Creating Risk Policies that align with regulatory standards and internal controls.
Why Answer B is Correct
The risk function primarily develops, implements, and maintains risk management frameworks,
which include formal manuals and policies.
Why Other Answers Are Incorrect
Option A. Documenting its activities, typically by operating and then recording the daily operation of controls.
Explanation: Incorrect – The first line of defense (business units) handles daily operational controls, not the risk function.
Option C. Putting in place the servers, firewalls, and software to ensure cybersecurity.
Explanation: Incorrect – Cybersecurity is an IT responsibility, while the risk function oversees cyber risk frameworks.
Option D. Creating a trial balance, balance sheet statement, and cash flow statement.
Explanation: Incorrect – These are financial accounting responsibilities, not risk management duties.
PRMIA Reference for Verification
PRMIA Governance Framework for Risk Management
Basel Risk Management Principles