SY0-701 · Question #355
SY0-701 Question #355: Real Exam Question with Answer & Explanation
The correct answer is A: Fines.
Question
The Chief Information Security Officer (CISO) has determined the company is non-compliant with local data privacy regulations. The CISO needs to justify the budget request for more resources. Which of the following should the CISO present to the board as the direct consequence of non-compliance?
Options
- A. Fines
- B. Reputational damage
- C. Sanctions
- D. Contractual implications
Explanation
Fines are the direct, legally mandated penalty imposed by regulatory authorities for violating data privacy laws - they are measurable, immediate, and quantifiable, making them the most compelling argument for budget justification before a board that responds to financial risk.
Reputational damage (B) is a real concern but is an indirect and difficult-to-quantify downstream effect, not a consequence regulators impose directly. Sanctions (C) are typically restrictions or prohibitions on business operations - possible in severe cases, but not the primary or most common direct consequence of data privacy non-compliance. Contractual implications (D) - such as breached SLAs or voided agreements with partners - are secondary effects that flow from non-compliance, not a direct regulatory action.
Memory tip: The question hinges on the word "direct" - when regulators catch you non-compliant, the first thing they do is issue a fine (think GDPR's up to 4% of global revenue). Boards respond to numbers, so fines give the CISO the clearest financial argument.