Question: An information security manager at a global organization that is subject to regulation by multiple governmental jurisdictions with differing requirements should:
A.) bring all locations into conformity with the aggregate requirements of all governmental jurisdictions.
B.) establish baseline standards for all locations and add supplemental standards as requireD.)
C.) bring all locations into conformity with a generally accepted set of industry best practices.
D.) establish a baseline standard incorporating those requirements that all jurisdictions have in common.

Download pdf (with explanations) edition of this exam.