New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Exin CITM Exam - Topic 8 Question 5 Discussion

Actual exam question for Exin's CITM exam
Question #: 5
Topic #: 8
[All CITM Questions]

A technical team investigating possible controls concludes that the most preferred control cannot be implemented as a result of too many constraints and decides to propose the second-best control. How is this control being referred to?

Show Suggested Answer Hide Answer
Suggested Answer: B

A compensating control is an alternative control implemented when the preferred control cannot be applied due to constraints (e.g., technical, financial, or operational). According to frameworks like COBIT or ISO/IEC 27001, compensating controls provide equivalent or partial risk mitigation when the primary control is infeasible.

Deterrent controls (A) discourage violations, detective controls (C) identify incidents, and corrective controls (D) address issues after they occur. Only compensating control (B) fits the scenario of a second-best alternative due to constraints.


by Jolene at Aug 04, 2025, 09:53 PM

Limited Time Offer

25%

Off

Get Premium CITM Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Glendora
2 months ago
Sounds a bit off, I’m not convinced it’s compensating.
upvoted 0 times
...
Margret
2 months ago
Wait, are we sure it's not corrective?
upvoted 0 times
...
Amber
2 months ago
Totally agree, compensating is the right term here.
upvoted 0 times
...
Jame
2 months ago
I thought it was a detective control?
upvoted 0 times
...
Bronwyn
3 months ago
It's definitely a compensating control!
upvoted 0 times
...
Lajuana
3 months ago
If the preferred control can't be implemented, it makes sense to go with a compensating control, but I hope that's the correct answer!
upvoted 0 times
...
Meghann
3 months ago
I'm a bit confused; I thought detective controls were more about identifying issues after they happen, not proposing alternatives.
upvoted 0 times
...
Matt
4 months ago
I remember practicing a question about controls, and I think the second-best option is often referred to as a compensating control.
upvoted 0 times
...
Yaeko
4 months ago
I think the term we're looking for is "compensating control," but I'm not entirely sure if that's the right choice.
upvoted 0 times
...
Ruth
4 months ago
The key here is that the team couldn't implement the preferred control due to constraints, so they had to go with the second-best option. That sounds like a compensating control to me.
upvoted 0 times
...
Krissy
4 months ago
I'm a little confused by the wording of this question. I'll need to re-read it a few times to make sure I understand what they're asking.
upvoted 0 times
...
Lilli
4 months ago
Okay, let's see. If the team couldn't implement the preferred control, then the second-best option must be a compensating control. I think that's the answer.
upvoted 0 times
...
Asha
5 months ago
Hmm, I'm a bit unsure about the difference between the control types here. I'll need to think this through carefully.
upvoted 0 times
...
Daron
5 months ago
This seems like a straightforward question about control types. I'm pretty confident I can figure this out.
upvoted 0 times
...
Shanice
5 months ago
Actually, I believe the correct answer is B) Compensating control because it helps to mitigate the risks when the preferred control cannot be implemented.
upvoted 0 times
...
Dana
5 months ago
B) Compensating control - It's the control that says, 'Hey, we couldn't do the best thing, but we're doing the next best thing.'
upvoted 0 times
...
Elin
5 months ago
Hah, I bet the team is wishing they had a 'magical control' option instead of these boring choices.
upvoted 0 times
Mammie
1 month ago
True, but it still feels like a letdown.
upvoted 0 times
...
Carma
2 months ago
Seriously! But I guess compensating control is the next best thing.
upvoted 0 times
...
Dell
3 months ago
Haha, right? A magical control would solve everything!
upvoted 0 times
...
Annelle
3 months ago
At least they have options to work with!
upvoted 0 times
...
...
Mel
5 months ago
I'm not sure, but I think it might be C) Detective control.
upvoted 0 times
...
Nan
6 months ago
D) Corrective control? Nah, that's not it. Gotta be B, the compensating control.
upvoted 0 times
...
Jamal
7 months ago
B) Compensating control - Makes sense, since the team couldn't implement the preferred control due to constraints.
upvoted 0 times
Elouise
5 months ago
A) Deterrent
upvoted 0 times
...
...
Clay
7 months ago
I agree with Tina, the second-best control is usually a compensating control.
upvoted 0 times
...
Tina
7 months ago
I think the answer is B) Compensating control.
upvoted 0 times
...

Save Cancel