CISA Certified Information Systems Auditor – Question2602

A multinational company wants to establish a mandatory global standard for information security including data protection and privacy. Which of the following should be the GREATEST concern to an IS auditor?

A.
Inconsistent roll-out of the standard across all countries.
B. Increased organizational effort without any tangible benefit
C. Noncompliance with local laws in the affected countries
D. Lack of adoption by organized labor groups in all affected countries

Correct Answer: C