CGEIT Question #523: Real Exam Question with Answer & Explanation

Submitted by jordan8 · Apr 18, 2026 · Governance of Enterprise IT

Question

A large enterprise is implementing an information security policy exception process. The BEST way to ensure that security risk is properly addressed is to:

Options

  • A. confirm process owners' acceptance of residual risk.
  • B. perform an internal and external network penetration test.
  • C. obtain IT security approval on security policy exceptions.
  • D. benchmark policy against industry best practice.

Topics

#Security Policy Exceptions #Residual Risk #Risk Acceptance #IT Risk Management