Q: 9
Which of the following is a primary benefit of implementing a governance, risk management, and
compliance framework within an organization?
Options
Discussion
Option D feels right here. The main reason you roll out a GRC framework is to cut overall assurance costs by making controls more efficient and unified across the org. C (automation tools) is a method but not really the big-picture benefit they're targeting. I'm pretty sure it's D, but happy to hear if anyone sees it differently.
Wish IIA would make these less vague, always comes down to picking D vs C on wording.
D imo. Reduced assurance costs is the main point-GRC frameworks streamline controls, so that lowers big audit/compliance overhead. Pretty straightforward for IIA.
Small detail here: the question asks for primary benefit, not the first visible one. D fits since a GRC framework's main intent is to consolidate control activities and drive down overall assurance costs (audit, compliance effort, etc). C might automate some things but doesn't guarantee broad cost reduction. Pretty sure it's D but open to other angles if I'm missing a nuance.
Had something like this in a mock, and they wanted the overall benefit, not just automation or fewer audits. Wouldn’t better governance mainly drive down assurance costs, rather than just streamline interviews? Curious what others think about C versus D here.
D
Be respectful. No spam.
