Certified Governance Risk and Compliance (CGRC) Practice Exam 2025 - Free CGRC Practice Questions and Study Guide

The correct choice highlights that a risk register primarily serves as a comprehensive document that records all identified risks associated with a project or organization. It provides a systematic way to document, monitor, and manage potential risks throughout the lifecycle of the project.

This register typically includes details about each risk such as its description, the probability of occurrence, potential impact, and the status of the risk. By maintaining a clear record of identified risks, stakeholders can prioritize their response strategies and allocate resources effectively to mitigate adverse impacts.

While a list of potential responses, mitigation techniques, and project sponsors may pertain to risk management, they are not fundamental elements that define a risk register. Instead, these aspects would typically be addressed in other related documentation or sections of risk management planning but do not constitute the core focus of a risk register itself.