Which of the following is MOST appropriate method to evaluate the potential impact of legal, regulatory, and contractual requirements on business objectives?
A . Communication with business process stakeholders
B . Compliance-oriented business impact analysis
C . Compliance-oriented gap analysis
D . Mapping of compliance requirements to policies and procedures
Answer: B
Explanation:
A compliance-oriented BIA will identify all the compliance requirements to which the enterprise has to align and their impacts on business objectives and activities. It is a discovery process meant to uncover the inner workings of any process. Hence it will also evaluate the potential impact of legal, regulatory, and contractual requirements on business objectives.
Incorrect Answers:
A: Communication with business process stakeholders is done so as to identify the business objectives, but it does not help in identifying impacts.
C: Compliance-oriented gap analysis will only identify the gaps in compliance to current requirements and will not identify impacts to business objectives.
D: Mapping of compliance requirements to policies and procedures will identify only the way the compliance is achieved but not the business impact.
Leave a Reply