# CGEIT — Question 425

**Type:** multiple_choice
**Topics:** topic_1

## Question

A regulatory audit assessed an enterprise's main transactional application as noncompliant. In addition to fines and required corrections, an agreement was reached to implement a set of governance controls over IT. Accountability for these controls is BEST assigned to which of the following?

## Correct Answer

_See scenario._

## Explanation

My thought is BOD should be accountable while IA director to be responsible.

**Reference:** examtopics_top_comment

---
Source: https://hiexam.net/q/isaca/CGEIT/425  
Practice (tracked): https://hiexam.net/study/CGEIT/practice