Which of the following is NOT a primary goal of risk management?

The correct answer is that eliminating all risks is not a primary goal of risk management. In risk management, the focus is on understanding, assessing, and mitigating risks to an acceptable level rather than eradicating them entirely. It is recognized that risks can never be completely eliminated; instead, organizations aim to manage these risks through various strategies such as avoidance, transfer, mitigation, and acceptance.

Minimizing risk exposure involves taking steps to reduce the potential impact and likelihood of risks, which is a central aspect of risk management practices. Monitoring compliance ensures that the organization adheres to established laws, regulations, and internal policies, and is essential for maintaining a good risk posture. Enhancing organizational resilience refers to strengthening the capacity of an organization to anticipate, prepare for, respond to, and recover from various risks, thereby supporting long-term sustainability and stability.

In summary, while minimizing exposure, monitoring compliance, and enhancing resilience are all integral to risk management, the goal of eliminating all risks is unrealistic and not aligned with the foundational principles of effective risk management.