Isaca Exam COBIT-Design-and-Implementation Topic 7 Question 22 Discussion

An enterprise should consider the implementation of a strong compliance function as part of their governance system when it is subject to substantially higher than average compliance regulations because it is operating in a heavily regulated industry sector.

In COBIT 2019, the need for a strong compliance function is influenced by the regulatory environment in which the enterprise operates. Enterprises in heavily regulated industries face stringent compliance requirements and significant consequences for non-compliance. Therefore, a robust compliance function is essential to ensure adherence to regulations and to mitigate compliance-related risks.

COBIT 2019 Framework Reference:

COBIT 2019 Framework: Introduction and Methodology, Chapter 5: Discusses the importance of compliance requirements as a design factor in tailoring the governance system.

COBIT 2019 Design Guide, Chapter 2: Highlights the role of compliance and assurance capabilities in highly regulated industries.

Implementing a strong compliance function in such scenarios helps the enterprise manage regulatory risks, maintain compliance, and avoid legal and financial penalties.