Certified Information Security Manager (CISM) — Question 1210

In a multinational organization, local security regulations should be implemented over global security policy because:

Answer options

• A. business objectives are defined by local business unit managers.
• B. deploying awareness of local regulations is more practical than of global policy.
• C. global security policies include unnecessary controls for local businesses.
• D. requirements of local regulations take precedence.

Correct answer: D

Explanation

The correct answer is D because local regulations are legally binding and must be adhered to by the organization, thereby taking precedence over broader global policies. Options A, B, and C do not accurately capture the legal necessity and priority of local regulations compared to global policies.