Certified in the Governance of Enterprise IT (CGEIT) — Question 223

The CIO of a financial services company is tasked with ensuring IT processes are in compliance with recently instituted regulatory changes. The FIRST course of action should be to:

Answer options

• A. create an IT balanced scorecard
• B. identify the penalties for noncompliance
• C. perform a current state assessment
• D. align IT project portfolio with regulatory requirements

Correct answer: C

Explanation

The correct answer is C, as performing a current state assessment allows the CIO to understand the existing IT processes and identify gaps in compliance with the new regulations. Options A and D are more about strategy and implementation, while B, while important, does not directly address the immediate need to assess current compliance status.