Certified in Risk and Information Systems Control (CRISC) Practice Test

Oversight committees in risk management primarily focus on monitoring and evaluating risk strategies. Their role is crucial in ensuring that the risk management processes are effective and aligned with the organization's goals. This includes assessing whether the implemented risk strategies are yielding the desired outcomes and whether they need adjustments based on changing circumstances or emerging risks.

Monitoring and evaluation enable oversight committees to provide accountability and transparency, ensuring that risks are managed proactively and that the organization's approach to risk is continually refined. By concentrating on these activities, oversight committees help maintain a robust risk management framework, which is essential for protecting the organization and supporting its objectives.

While other aspects like resource allocation, regulatory compliance, and strategic risk determination are important in the broader context of risk management, they do not encapsulate the primary focus of the oversight committees. These committees are specifically tasked with the ongoing review and assessment of how risk strategies are performing, making option D the most accurate representation of their primary function.