Certified in Risk and Information Systems Control (CRISC) — Question 1266

A data privacy regulation has been revised to incorporate more stringent requirements on personal data protection. Which of the following will provide the MOST important input to help ensure compliance with the revised regulation?

Answer options

• A. Gap analysts
• B. Risk profile update
• C. Business impact analysis (BIA)
• D. Current control attestation

Correct answer: A

Explanation

Gap analysts are essential for identifying discrepancies between current practices and the new regulatory requirements, making them vital for ensuring compliance. While a risk profile update, business impact analysis, and current control attestation are useful, they do not directly address the gaps in compliance as effectively as gap analysts do.