Certified Governance Risk and Compliance (CGRC) Practice Exam 2025 - Free CGRC Practice Questions and Study Guide

The correct response is avoidance, which refers to a risk management strategy where the project plan is changed in such a way that the identified risk is completely eliminated or circumvented. This approach is proactive and is typically employed when a potential risk is deemed significant enough that it could adversely impact project objectives, timelines, or outcomes.

In practice, avoidance could mean changing the scope of a project, altering processes, or even canceling a project component that poses too high a risk. For example, if there is a risk that a specific technology may fail during implementation, avoidance might involve selecting a more reliable technology instead.

Mitigation, on the other hand, refers to efforts taken to reduce the impact or likelihood of a risk rather than completely eliminating it. Acceptance means acknowledging the risk and deciding to proceed with the project while being prepared for the potential consequences. Transfer involves shifting the burden of the risk to another party, such as through insurance or outsourcing. Each of these strategies serves a different purpose in risk management, but avoidance is the specific action that entails altering the project plan to eliminate the risk entirely.