2 votes
A large, multinational company currently has two separate databases. One is used for ERP, while the second is used for CRM. To consolidate services and infrastructure, it is proposed to combine the databases. The company's compliance manager is asked to review the proposal and is concerned about this integration.

Which of the following would pose the MOST concern to the compliance manager?

A. The attack surface of the combined database is lower than the previous separate systems, so there likely are wasted resources on additional security controls that will not be needed.
B. There are specific regulatory requirements the company might be violating by combining these two types of services into one shared platform.
C. By consolidating services in this manner, there is an increased risk posed to the organization due to the number of resources required to manage the larger data pool.
D. Auditing the combined database structure will require more short-term resources, as the new system will need to be learned by the auditing team to ensure all security controls are in place.

by User Jsells (7.6k points)

1 Answer

4 votes

Final answer:

The most significant concern for a compliance manager is the potential violation of regulatory requirements when combining ERP and CRM databases, as non-compliance can lead to significant fines and reputation damage.

Step-by-step explanation:

Among the concerns mentioned, the most pressing one for a compliance manager regarding the integration of an ERP (Enterprise Resource Planning) and a CRM (Customer Relationship Management) database would likely be B. There are specific regulatory requirements the company might be violating by combining these two types of services into one shared platform.

This is because combining databases can lead to complex compliance issues related to data privacy, protection, and the segregation of sensitive information, as mandated by various laws and regulations like GDPR, HIPAA, or the Sarbanes-Oxley Act. Such regulatory requirements are stringent, and non-compliance can result in significant fines and reputational damage.

On the contrary, the other options, although they might be concerns from an operational or strategic perspective, do not directly address the stringent legal and compliance implications of combining ERP and CRM systems.

by User Robbie JW (7.1k points)