Certified in the Governance of Enterprise IT (CGEIT) — Question 280

An enterprise has entered into a new market which brings additional regulatory compliance requirements. To address these new requirements, the enterprise should FIRST:

Answer options

• A. update the organization's risk profile.
• B. have executive management monitor compliance.
• C. outsource the compliance process.
• D. appoint a compliance officer.

Correct answer: B

Explanation

The correct answer is B because having executive management monitor compliance ensures that there is oversight and accountability at the highest level, which is crucial when dealing with new regulations. Options A, C, and D are important steps but should follow the establishment of a strong compliance oversight by management to effectively address the new requirements.