CGEIT Certified in the Governance of Enterprise IT – Question013

Which of the following would be the BEST way for an enterprise to address new legal and regulatory requirements applicable to IT?

A.
Benchmark how other IT organizations are treating the new requirements.
B. Adopt a zero-tolerance approach for noncompliance with regulatory matters.
C. Treat as a risk to be assessed before developing a response.
D. Use a cost-benefit analysis to determine if compliance is warranted.

Correct Answer: D