Certified Information Security Manager (CISM) — Question 417

Which of the following is the BEST approach to reduce unnecessary duplication of compliance activities?

Answer options

• A. Integration of assurance efforts
• B. Automation of controls
• C. Documentation of control procedures
• D. Standardization of compliance requirements

Correct answer: A

Explanation

The correct answer, A, emphasizes the need to unify different compliance assurance activities, which helps in avoiding overlap and redundancy. Options B, C, and D, while beneficial in their own rights, do not directly address the integration aspect, thus making them less effective in reducing duplication.