PGMP · Question #403
A global financial system is being delivered by the program team to allow access from anywhere in the world. Following a new cross-border regulation applying to privacy of local banking data accessed
The correct answer is D. Assess the impact of the audit and potential remediation on the program. When an unexpected regulatory event emerges that was not in the program roadmap, the immediate step is to assess its full impact before taking any corrective action. Acting without assessment risks scope creep or uninformed decisions.
Question
A global financial system is being delivered by the program team to allow access from anywhere in the world. Following a new cross-border regulation applying to privacy of local banking data accessed from abroad, the CEO of the bank requests that an external audit be conducted to validate compliance with this new regulation. This event, which was not anticipated at this phase of the program, will generate additional work for the program team. This effort is not included in the current program roadmap and benefits delivery plan. What immediate actions should the program manager take?
Options
- ANegotiate with the CEO in an attempt to avoid the audit
- BDe-scope the capabilities of the system to not allow access from abroad
- CAccept the risk of the audit and continue the program as planned
- DAssess the impact of the audit and potential remediation on the program
How the community answered
(39 responses)- A3% (1)
- B5% (2)
- C13% (5)
- D79% (31)
Why each option
When an unexpected regulatory event emerges that was not in the program roadmap, the immediate step is to assess its full impact before taking any corrective action. Acting without assessment risks scope creep or uninformed decisions.
Negotiating to avoid a compliance audit mandated by the CEO is inappropriate and ignores the regulatory obligation driving the request.
De-scoping the system to remove international access would fundamentally contradict the program's core purpose of enabling global financial access.
Accepting the risk and continuing without assessment ignores the real, unplanned effort and cost the audit will impose on the program team.
Assessing the impact of the audit and potential remediation is the correct immediate action because the program manager must first understand the scope, schedule, and cost implications of this unplanned compliance activity before adjusting the roadmap or escalating. Impact assessment is the foundation of any informed change management decision within a program.
Concept tested: Program impact assessment for unplanned regulatory events
Source: https://www.pmi.org/pmbok-guide-standards/foundational/program-management
Topics
Community Discussion
No community discussion yet for this question.