iso27diy-corp/Corpus/ISMS/Transfer in Risk Treatment.md


There's a difference between transferring a Risk (i.e. transferring Risk Ownership) and transferring the responsibility for managing the risk.

Who should be appointed as Risk Owner?

Consider this example: Reception makes keys available to visitors, but says it is unable to keep proper records of this because of a lack of time. Reception argues that this is the responsibility of Facilities. This raises the question: who is responsible for granting access to rooms?