Which of the following would BEST prepare an information security manager for regulatory reviews?

Which of the following would BEST prepare an information security manager for regulatory reviews?
A . Assign an information security administrator as regulatory liaison
B . Perform self-assessments using regulatory guidelines and reports
C . Assess previous regulatory reports with process owners input
D . Ensure all regulatory inquiries are sanctioned by the legal department

View Answer

Answer: B

Explanation:

Self-assessments provide the best feedback on readiness and permit identification of items requiring remediation. Directing regulators to a specific person or department, or assessing previous reports, is not as effective. The legal department should review all formal inquiries but this does not help prepare for a regulatory review.