Comprehensive and Detailed Explanation:
The CGEIT Review Manual 8th Edition, in its Governance of Enterprise IT domain, emphasizes that an ethics program requires a culture of accountability and responsibility to succeed. This culture ensures that ethical behavior is embedded in organizational values, encouraging employees to act with integrity. For example, leadership modeling ethical behavior fosters trust and compliance. The manual likely references COBIT 2019’s EDM01-Ensured Governance Framework Setting and Maintenance, which highlights cultural factors in governance.
Option A: Whistleblower processes are important but secondary to culture.
Option C: Roles and responsibilities support the program but are not the most critical.
Option D: Mission and vision statements are foundational but less directly tied to ethics.
Double Verification: The answer aligns with COBIT’s EDM01 and the CGEIT domain’s focus on ethical governance. Culture is a key ISACA factor for ethics programs.
ISACA CGEIT Review Manual 8th Edition, Domain 1: Governance of Enterprise IT (focus on ethics programs).
COBIT 2019, EDM01-Ensured Governance Framework Setting and Maintenance.
ISACA Glossary (for definitions of ethics program), available at https://www.isaca.org/resources/glossary.
