Certified in Risk and Information Systems Control (CRISC) — Question 1125

In response to recent security incidents, the IT risk management team is promoting a global security plan that defines controls to be implemented in multiple regions. Which of the following BEST enables the successful deployment of this plan?

Answer options

• A. Obtain the approval of each regional head.
• B. Engage an external auditor in each region before deployment.
• C. Provide each region with adequate funding.
• D. Allow each region to adapt the plan to its local requirements

Correct answer: D

Explanation

The correct answer is D because allowing regions to adapt the plan to their specific local requirements ensures that the controls are practical and effective in varying contexts. Options A, B, and C, while potentially helpful, do not directly address the necessity for local adaptation, which is critical for the successful deployment of a global security plan.