New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: best70

CGEIT Certified in the Governance of Enterprise IT Exam Questions and Answers

Questions 4

Which of the following is the PRIMARY role of the CEO in IT governance?

Options:

A.

Evaluating return on investment (ROI)

B.

Nominating IT steering committee membership

C.

Establishing enterprise strategic goals

D.

Managing the risk governance process

Buy Now
Questions 5

An enterprise plans to migrate its applications and data to an external cloud environment. Which of the following should be the ClO's PRIMARY focus before the migration?

Options:

A.

Reviewing the information governance framework

B.

Selecting best-of-breed cloud offerings

C.

Updates the enterprise architecture (EA) repository

D.

Conducting IT staff training to manage cloud workloads

Buy Now
Questions 6

Which of the following is the GREATEST consideration when evaluating whether to comply with the new carbon footprint regulations impacted by blockchain technology?

Options:

A.

The enterprise's organizational structure

B.

The enterprise's risk appetite

C.

The current IT process capability maturity

D.

The IT strategic plan

Buy Now
Questions 7

An enterprise recently implemented a significant change in its business strategy by moving to a technologically advanced product with considerable impact on the business. What should be the FINAL step in completing the changes to IT processes?

Options:

A.

Updating the configuration management database (CMDB)

B.

Empowering the business to embrace the changes

C.

Ensuring a return to stabilized business operations

D.

Updating the enterprise architecture (EA)

Buy Now
Questions 8

Which of the following is the BEST way to encourage employees to raise ethics concerns in full confidence?

Options:

A.

Publish and enforce a code of conduct policy.

B.

Provide access to legal resource benefits.

C.

Establish and communicate a whistle-blower policy.

D.

Provide protection language in employment contracts.

Buy Now
Questions 9

What should be the FIRST action of a new CIO when considering an IT governance framework for an enterprise?

Options:

A.

Understand corporate culture and IT'S role in providing business value.

B.

Understand critical IT processes to define the scope of the IT governance framework.

C.

Verify stakeholder sponsorship of the IT governance initiative.

D.

Develop an IT balanced scorecard to monitor and track IT performance.

Buy Now
Questions 10

Once the strategic vision has been established, which of the following would be the BEST activity for supporting the implementation of performance measures?

Options:

A.

Monitor service level performance.

B.

Document strengths, weaknesses, opportunities, and threats.

C.

Document policy requirements

D.

Identify key performance indicators (KPIs).

Buy Now
Questions 11

An airline wants to launch a new program involving the use of artificial intelligence (Al) and machine learning the mam objective of the program is to use customer behavior to determine new routes and markets Which of the following should be done NEXT?

Options:

A.

Consult with the enterprise privacy function

B.

Define the critical success factors (CSFs)

C.

Present the proposal to the IT strategy committee

D.

Perform a business impact analysis (BIA)

Buy Now
Questions 12

Supply chain management has established a supplier policy requiring multiple technology suppliers. What is the BEST way to ensure the success of this policy?

Options:

A.

Identity and select suppliers based on cost.

B.

Align the vendor selection process with the security policy.

C.

Implement a master service agreement.

D.

Align enterprise architecture (EA) and procurement strategies.

Buy Now
Questions 13

Which of the following will BEST enable an IT steering committee to monitor the achievement of overall IT objectives on a continuous basis?

Options:

A.

Defined service level agreements (SLAs)

B.

Project portfolio dashboards

C.

Key performance indicators (KPIs)

D.

IT user survey results

Buy Now
Questions 14

Which of the following is MOST important to document for a business ethics program?

Options:

A.

Guiding principles and best practices

B.

Violation response matrix

C.

Whistle-blower protection protocols.

D.

Employee awareness and training content

Buy Now
Questions 15

Which of the following is MOST important for an IT strategy committee to ensure before initiating the development of an IT strategic plan?

Options:

A.

Committee members are apprised of business needs

B.

A risk assessment has been conducted.

C.

Committee members are independent from business units.

D.

IT initiatives are fully supported by the business.

Buy Now
Questions 16

A CIO just received a final audit report that indicates there is inconsistent enforcement of the enterprise's mobile device acceptable use policy throughout all business units. Which of the following should be the FIRST step to address this issue?

Options:

A.

Incorporate compliance metrics into performance goals.

B.

Review the relevance of existing policy.

C.

Mandate awareness training for all mobile device users.

D.

Implement controls to enforce the policy.

Buy Now
Questions 17

Which of the following would be an IT steering committee's BEST course of action upon learning business units have been independently procuring cloud services?

Options:

A.

Require cancellation of cloud-based application services not vetted by IT leadership.

B.

Include business unit leadership in the enterprise architecture (EA) review board.

C.

Limit cloud-based application service usage to open source solutions.

D.

Define a procurement strategy based on business unit needs.

Buy Now
Questions 18

In a large enterprise, which of the following is the BEST approach to enable effective communication to senior management regarding the project status for a strategic enterprise resource management system implementation?

Options:

A.

Project management office with business and IT representatives

B.

Weekly project reports reviewed by business and IT management

C.

Project status updates on the intranet

D.

A steering committee involving business and IT

Buy Now
Questions 19

An enterprise wants to reduce the complexity of its data assets while ensuring impact to the business is minimized during the transition.

Which of the following should be done FIRST?

Options:

A.

Remove applications that are not aligned with the information architecture.

B.

Review the information classification and retention policies.

C.

Review the information architecture.

D.

Assess current information ownership.

Buy Now
Questions 20

Which of the following characteristics would BEST indicate that an IT process is a good candidate for outsourcing?

Options:

A.

Strategic processes that require expert professionals

B.

Processes with higher risk to the enterprise

C.

Non-strategic processes that are not documented

D.

Operational processes that are well-defined

Buy Now
Questions 21

Which of the following should be done FIRST when designing an IT balanced scorecard?

Options:

A.

Develop key performance indicators (KPIs).

B.

Communicate to stakeholders

C.

Analyze the business strategy.

D.

Review the IT resource plan.

Buy Now
Questions 22

Which of the following has PRIMARY responsibility to define the requirements for IT service levels for the enterprise?

Options:

A.

The business manager

B.

The help desk

C.

The CIO

D.

The business continuity vendor

Buy Now
Questions 23

When establishing a methodology for business cases, it would be MOST beneficial for an enterprise to include procedures for:

Options:

A.

updating the business case throughout its life cycle.

B.

addressing required changes outside the business case.

C.

identifying metrics post-implementation to measure project success.

D.

entering the business case into the enterprise architecture (EA).

Buy Now
Questions 24

Which of the following is the BEST way for a CIO to ensure that IT-related training is taken seriously by the IT management team and direct employees?

Options:

A.

Develop training programs based on results of an IT staff survey of preferences.

B.

Embed training metrics into the annual performance appraisal process.

C.

Promote IT-specific training awareness program.

D.

Research and identify training needs based on industry trends.

Buy Now
Questions 25

An internal audit of a large financial institution found that financial data is being managed in a way that will negatively impact the enterprise's ability to support regulatory reporting. Which of the following should be the FIRST strategic action in addressing this situation?

  • Establish a data governance framework.
  • Assign data responsibilities through a RACI chart.

  • Review key risk indicators (KRIS) related to data management.

Options:

A.

Update data management policies.

Buy Now
Questions 26

When identifying improvements focused on the information asset life cycle, which of the following is CRITICAL for enabling data interoperability?

Options:

A.

Standardization

B.

Replication

C.

Segregation

D.

Sanitization

Buy Now
Questions 27

The BEST way to ensure an IT steering committee meets enterprise objectives is to:

Options:

A.

require a member of the committee to have IT governance expertise.

B.

benchmark against industry best practices.

C.

establish key performance indicators (KPIs).

D.

have key business stakeholders represented on the committee.

Buy Now
Questions 28

The board and senior management of a new enterprise recently met to formalize an IT governance framework. The board of directors' FIRST step in implementing IT governance is to ensure that:

Options:

A.

an IT balanced scorecard is implemented.

B.

a portfolio of IT-enabled investments is developed.

C.

IT roles and responsibilities are established.

D.

IT policies and procedures are defined.

Buy Now
Questions 29

The board of a start-up company has directed the CIO to develop a technology resource acquisition and management policy. Which of the following should be the MOST important consideration during the development of this policy?

Options:

A.

Enterprise growth plans

B.

Industry best practices

C.

Organizational knowledge retention

D.

IT staff competencies

Buy Now
Questions 30

A global enterprise is experiencing an economic downturn and is rapidly losing market share. IT senior management is reassessing the core activities of the business, including IT, and the associated resource implications. Management has decided to focus on its local market and to close international operations. A critical issue from a resource management perspective is to retain the most capable staff. This is BEST achieved by:

Options:

A.

reviewing current goals-based performance appraisals across the enterprise.

B.

ranking employees across the enterprise based on their compensation.

C.

ranking employees across the enterprise based on length of service.

D.

retaining capable staff exclusively from the local market.

Buy Now
Questions 31

An enterprise has had the same IT governance framework in place for several years. Currently, large and small capital projects go through the same architectural governance reviews. Despite repeated requests to streamline the review process for small capital projects, business units have received no response from IT. The business units have recently escalated this issue to the newly appointed GO. Which of the following should be done FIRST to begin addressing business needs?

Options:

A.

Create a central repository for the business to submit requests.

B.

Explain the importance of the IT governance framework.

C.

Assess the impact of the proposed change.

D.

Assign a project team to implement necessary changes.

Buy Now
Questions 32

An enterprise has a centralized IT function but also allows business units to have their own technology operations, resulting in duplicate technologies and conflicting priorities. Which of the following should be done FIRST to reduce the complexity of the IT landscape?

  • Promote automation tools used by the business units.

Options:

A.

Conduct strategic planning with business units.

B.

Migrate all in-house systems to an external cloud environment.

C.

Standardize technology architecture on common products.

Buy Now
Questions 33

An IT governance committee realizes there are antiquated technologies in use throughout the enterprise. Which of the following is the BEST group to evaluate the recommendations to address these shortcomings?

Options:

A.

Enterprise architecture (EA) review board

B.

Business process improvement workgroup

C.

Audit committee

D.

Risk management committee

Buy Now
Questions 34

Which of the following is necessary for effective risk management in IT governance?

Options:

A.

Risk evaluation is embedded in the management processes.

B.

IT risk management is separate from enterprise risk management (ERM).

C.

Local managers are solely responsible for risk evaluation.

D.

Risk management strategy is approved by the audit committee.

Buy Now
Questions 35

Which of the following BEST supports the implementation of an effective data classification policy?

Options:

A.

Monitoring with key performance indicators (KPIs)

B.

Implementation of data loss prevention (DLP) tools

C.

Clear guidelines adopted by the business

D.

Classification policy approval by the board

Buy Now
Questions 36

Which of the following is the PRIMARY purpose of information governance?

Options:

A.

To develop control procedures that help ensure information is adequately protected throughout its life cycle

B.

To monitor the processes that deliver and enhance the value of information assets

C.

To set direction for information management capabilities through prioritization and decision making

D.

To ensure regulatory compliance is maintained while optimizing the utilization of information

Buy Now
Questions 37

Which of the following should be the PRIMARY governance objective for selecting key risk indicators (KRIs) related to legal and regulatory compliance?

Options:

A.

Identifying the risk of noncompliance

B.

Demonstrating sound risk management practices

C.

Measuring IT alignment with enterprise risk management (ERM)

D.

Ensuring the effectiveness of IT compliance controls

Buy Now
Questions 38

A multinational enterprise is planning to migrate to cloud-based systems. Which of the following should be of MOST concern to the risk management committee?

Options:

A.

Cost considerations

B.

Regulatory compliance

C.

Resource alignment

D.

Security breaches

Buy Now
Questions 39

Following a re-prioritization of business objectives by management, which of the following should be performed FIRST to allocate resources to IT processes?

Options:

A.

Perform a maturity assessment.

B.

Implement a RACI model.

C.

Refine the human resource management plan.

D.

Update the IT strategy.

Buy Now
Questions 40

A small enterprise has just hired its first CIO, who has been tasked with making the IT department more efficient. What should be the CIO's NEXT step after identifying several new improvement initiatives?

Options:

A.

Mandate IT staff training.

B.

Request an IT balanced scorecard.

C.

Require a cost-benefit analysis.

D.

Allocate funding for the initiatives.

Buy Now
Questions 41

An internal auditor conducts an assessment of a two-year-old IT risk management program. Which of the following findings should be of MOST concern to the CIO?

Options:

A.

Organizational responsibility for IT risk management is not clearly defined.

B.

None of the members of the IT risk management team have risk management-related certifications.

C.

Only a few key risk indicators (KRIs) identified by the IT risk management team are being monitored and the rest will be on a phased schedule.

D.

IT risk training records are not properly retained in accordance with established schedules

Buy Now
Questions 42

When conducting a risk assessment in support of a new regulatory

requirement, the IT risk committee should FIRST consider the:

Options:

A.

cost burden to achieve compliance.

B.

readiness of IT systems to address the risk.

C.

risk profile of the enterprise.

D.

disruption to normal business operations.

Buy Now
Questions 43

An interna! health organization has been notified that a data breach has resulted in patient records being published online. Which of the

following is MOST important consideration when determining the process for meeting the organization's legal and regulatory obligations?

Options:

A.

Organizational structure, including accountable partes

B.

Data classification and related security policy

C.

Context of the breach, including data ownership and location

D.

Details of how the breach occurred and related incident response efforts

Buy Now
Questions 44

After experiencing poor recovery times following a catastrophic event, an enterprise is seeking to improve its disaster recovery capabilities. Which of the following would BEST enable the enterprise to accomplish this objective?

Options:

A.

Continuous testing of disaster recovery capabilities with implementation of lessons learned

B.

Increased training and monitoring for disaster recovery personnel who perform below expectations

C.

Annual review and updates to the disaster recovery plan (DRP)

D.

Increased outsourcing of disaster recovery capabilities to ensure reliability

Buy Now
Questions 45

When an enterprise is evaluating potential IT service vendors, which of the following BEST enables a clear understanding of the vendor's capabilities that will be critical to the enterprise's strategy?

  • Due diligence process

Options:

A.

Independent audit results

B.

Historical service level agreements (SLAs)

C.

Benchmarking analysis results

Buy Now
Questions 46

A CIO has recently been made aware of a new regulatory requirement that may affect IT-enabled business activities. Which of the following should be the CIO s FIRST step in deciding the appropriate response to the new requirement?

Options:

A.

Revise initiatives that are active to reflect the new requirements.

B.

Confirm there are adequate resources to mitigate compliance requirements.

C.

Consult with legal and risk experts to understand the requirements.

D.

Consult with the board for guidance on the new requirements

Buy Now
Questions 47

Which of the following is the BEST critical success factor (CSF) to use when changing an IT value management program in an enterprise?

Options:

A.

Documenting the process for the board of directors' approval

B.

Adopting the program by using an incremental approach

C.

Implementing the program through the enterprise's change plan

D.

Aligning the program to the business requirements

Buy Now
Questions 48

A CEO realizes the need to implement IT governance to support the strategic alignment of business and IT goals. Which of the following would BEST enable this initiative?

Options:

A.

A RACI chart

B.

An increased IT budget

C.

Well-trained IT staff

D.

Effective culture change

Buy Now
Questions 49

Which of the following BEST enables effective enterprise risk management (ERM)?

Options:

A.

Risk register

B.

Risk ownership

C.

Risk tolerance

D.

Risk training

Buy Now
Questions 50

Which of the following is the MOST important consideration when integrating a new vendor with an enterprise resource planning (ERP) system?

Options:

A.

IT senior management selects the vendor.

B.

A vendor risk assessment is conducted

C.

ERP data mapping is approved by the enterprise architect.

D.

Procurement provides the terms of the contract.

Buy Now
Questions 51

Which of the following should a CIO review to obtain a holistic view of IT performance when identifying potential gaps in service delivery?

Options:

A.

Key performance indicators (KPIs)

B.

Return on investment (ROI) analysis

C.

Service level agreement (SLA) reporting

D.

Staff performance evaluations

Buy Now
Questions 52

An enterprise has made the strategic decision to begin a global expansion program which will require opening sales offices in countries across the world. Which of the following should be the FIRST consideration with regard to the IT service desk which will remain centralized?

  • The effect of regional differences On service delivery

  • Identification of IT service desk functions that can be outsourced

Options:

A.

Enforcement Of a standardized policy across all regions

B.

Availability of adequate resources to provide support for new users

Buy Now
Questions 53

Which of the following is the BEST indication that an implementation plan for a new governance initiative will be successful?

Options:

A.

Staff have been trained on the new initiative.

B.

External consultants created the plan.

C.

The plan assigns responsibility for completing milestones.

D.

The plan is designed to engage employees across the enterprise.

Buy Now
Questions 54

An IT governance committee is reviewing its current risk management policy in light of increased usage of social media within an enterprise. The FIRST task for the governance committee is to:

Options:

A.

recommend blocking access to social media.

B.

review current level of social media usage.

C.

initiate an assessment of the impact on the business.

D.

reassess the enterprise's bring your own device (BYOD) policy.

Buy Now
Questions 55

The CIO of a financial services company is tasked with ensuring IT processes are in compliance with recently instituted regulatory changes. The FIRST course of action should be to:

Options:

A.

align IT project portfolio with regulatory requirements.

B.

create an IT balanced scorecard.

C.

identify the penalties for noncompliance.

D.

perform a current state assessment.

Buy Now
Questions 56

Which of the following is the MOST effective approach to ensure senior management sponsorship of IT risk management?

Options:

A.

Benchmark risk framework against best practices.

B.

Calculate financial impact for each IT risk finding.

C.

Periodically review the IT risk register entries.

D.

Integrate IT risk into enterprise risk management (ERM).

Buy Now
Questions 57

Which of the following would provide the MOST useful information to measure the alignment of IT with the enterprise?

Options:

A.

Balanced scorecard

B.

Control self-assessment (CSA)

C.

Gap analysis

D.

Audit reports

Buy Now
Questions 58

Which of the following is the PRIMARY consideration for an enterprise when deciding whether to adopt a qualitative risk assessment method?

  • The method identifies areas to immediately address vulnerabilities.

  • The method provides specific objective measurements of exposure.

  • The method enables an analysis Of recommended controls.

Options:

A.

The method provides a platform for all departments to contribute to the risk assessment.

Buy Now
Questions 59

An enterprise's IT department has been operating independently without regard to business concerns, leading to misalignment between business and IT. The BEST way to establish alignment would be to require:

Options:

A.

business to help define IT goals.

B.

business to fund IT services.

C.

IT to define business objectives.

D.

IT and business to define risks.

Buy Now
Questions 60

Which of the following has the GREATEST impact on the design of an IT governance framework?

Options:

A.

IT performance metrics

B.

Resource allocation

C.

Business leadership

D.

Business risk

Buy Now
Questions 61

Which of the following is the MOST efficient way for an IT transformation project manager to communicate the project progress with stakeholders?

  • Establish governance forums within project management.

Options:

A.

Include key performance indicators (KPls) in a monthly newsletter.

B.

Share the business case with stakeholders.

C.

Post the project management report to the enterprise intranet site.

Buy Now
Questions 62

An organization requires updates to their IT infrastructure to meet business needs. Which of the following will provide the MOST useful information when planning for the necessary IT investments?

Options:

A.

Enterprise architecture (EA)

B.

Risk assessment report

C.

Business user satisfaction metrics

D.

Audit findings

Buy Now
Questions 63

Of the following, who is responsible for the achievement of IT strategic objectives?

Options:

A.

IT steering committee

B.

Business process owners

C.

Chief information officer (CIO)

D.

Board of directors

Buy Now
Questions 64

The accountability for a business continuity program for business-critical systems is BEST assigned to the:

Options:

A.

enterprise risk manager.

B.

chief executive officer (CEO).

C.

director of internal audit.

D.

chief information officer (CIO).

Buy Now
Questions 65

A high-tech enterprise is concerned that leading competitors have been successfully recruiting top talent from the enterprise's research and development business unit.

What should the leadership team mandate FIRST?

Options:

A.

A SWOT analysis

B.

An incentive and retention program

C.

A root cause analysis

D.

An aggressive talent acquisition program

Buy Now
Questions 66

A CIO wants to make improvements to the enterprise's IT governance. Which of the following would BEST help to demonstrate the expected benefits from proposed changes?

Options:

A.

RACI chart

B.

Balanced scorecard

C.

Enterprise architecture (EA)

D.

Business case

Buy Now
Questions 67

A large organization with branches across many countries is in the midst of an enterprise resource planning (ERP) transformation. The IT organization receives news that the branches in a country where the impact to the enterprise is to be greatest are being sold. What should be the NEXT step?

Options:

A.

Update the ERP business case and re-evaluate the ROI.

B.

Cancel the ERP transformation and re-allocate project funds.

C.

Adjust the ERP implementation plan and budget.

D.

Continue with the ERP migration according to plan.

Buy Now
Questions 68

Prior to setting IT objectives, an enterprise MUST have established its:

Options:

A.

architecture.

B.

policies.

C.

strategies.

D.

controls.

Buy Now
Questions 69

Prior to decommissioning an IT system, it is MOST important to:

Options:

A.

assess compliance with environmental regulations.

B.

assess compliance with the retention policy.

C.

review the media disposal records.

D.

review the data sanitation records.

Buy Now
Questions 70

Which of the following is PRIMARILY achieved through performance measurement?

Options:

A.

Process improvement

B.

Transparency

C.

Cost efficiency

D.

Benefit realization

Buy Now
Questions 71

Which of the following is the BEST way to ensure the continued usefulness of IT governance reports for stakeholders?

Options:

A.

Conduct quarterly audits and adjust reporting based on findings.

B.

Establish a standard process for providing feedback.

C.

Rely on IT leaders to advise when adjustments should be made.

D.

Issue frequent service level satisfaction surveys.

Buy Now
Questions 72

An enterprise plans to implement a business intelligence (Bl) tool with data sources from various enterprise applications. Which of the following is the GREATEST challenge to implementation?

Options:

A.

Interface issues between enterprise and Bl applications

B.

Large volumes of data fed from enterprise applications

C.

The need for staff to be trained on the new Bl tool

D.

Data definition and mapping sources from applications

Buy Now
Questions 73

An enterprise is assessing whether to utilize wearable technology. The enterprise has no prior experience with this technology and has asked the chief technology officer (CTO) to assess the impact to the enterprise. The CTO should FIRST:

Options:

A.

understand the enterprise’s risk tolerance.

B.

create an IT risk scorecard.

C.

prioritize wearable technology risk.

Buy Now
Questions 74

Which of the following is the BEST way for a CIO to ensure that the work of IT employees is aligned with approved IT directives?

Options:

A.

Mandate technical training related to the IT objectives.

B.

Have business leaders present their departments' objectives.

C.

Include relevant IT goals in individual performance objectives.

D.

Request a progress review of IT objectives by internal audit.

Buy Now
Questions 75

Which of the following BEST enables an enterprise to determine whether a current program for IT infrastructure migration to the cloud is continuing to provide benefits?

Options:

A.

Key performance indicators (KPls)

B.

Total cost of ownership (TCO)

C.

Key risk indicators (KRIS)

D.

Net present value (NPV)

Buy Now
Questions 76

Which of the following is the PRIMARY benefit to an enterprise when risk management is practiced effectively throughout the organization?

Options:

A.

Decisions are made with an awareness of probability and impact.

B.

IT objectives and goals are aligned to business objectives and goals.

C.

Business opportunity losses are minimized.

D.

Innovative strategic initiatives are encouraged.

Buy Now
Questions 77

Which of the following BEST enables an enterprise to achieve the benefits of implementing new Internet of Things (loT) technology?

Options:

A.

IT project charter

B.

Change management

C.

Emerging technology roadmap

D.

Enterprise architecture (EA)

Buy Now
Questions 78

An IT director has become aware that a certain subset of data collected lawfully can be used to generate additional revenue. However, this particular use of the data is outside the original intention. What is the PRIMARY reason this situation should be escalated to the IT steering committee?

Options:

A.

Potential legal penalties

B.

Ethical concerns

C.

Regulatory requirements

D.

Data protection

Buy Now
Questions 79

A large financial institution is considering outsourcing customer call center operations which will allow the chosen vendor to access systems from offshore locations. Which of the following represents the GREATEST risk?

Options:

A.

Inconsistent customer service and reporting

B.

Loss of data confidentiality

C.

Lack of network availability

D.

Inadequate business continuity planning

Buy Now
Questions 80

When developing effective metrics for the measurement of solution delivery, it is MOST important to:

Options:

A.

establish project controls and monitoring objectives.

B.

perform an objective analysis of the project roadmap.

C.

establish the objectives and expected benefits.

D.

specify quantitative measures for solution delivery.

Buy Now
Questions 81

Of the following, who should approve the criteria for information quality within an enterprise?

Options:

A.

Information architect

B.

Information analyst

C.

Information steward

D.

Information owner

Buy Now
Questions 82

An enterprise plans to expand into new markets in countries lacking data privacy regulations, increasing risk exposure. Which of the following is the BEST course of action for the CIO?

Options:

A.

Identify business risk appetite and tolerance levels.

B.

Quantify the risk impact and evaluate possible countermeasures.

C.

Limit the personal data available to the high-risk countries.

D.

Mandate the strengthening of user access controls.

Buy Now
Questions 83

A large enterprise that is diversifying its business will be transitioning to a new software platform, which is expected to cause data changes. Which of the following should be done FIRST when developing the related metadata management process?

Options:

A.

Require an update to enterprise data policies.

B.

Request an impact analysis.

C.

Review documented data interdependence.

D.

Validate against existing architecture.

Buy Now
Questions 84

An enterprise has been focused on establishing an IT risk management framework. Which of the following should be the PRIMARY motivation behind this objective?

Options:

A.

Promoting responsibility throughout the enterprise for managing IT risk.

B.

Increasing the enterprise's risk tolerance level and risk appetite.

C.

Engaging executives in examining IT risk when developing policies.

D.

Maintaining a complete and accurate risk registry to belief manage IT risk

Buy Now
Questions 85

Which of the following is the PRIMARY benefit of communicating the IT strategy across the enterprise?

Options:

A.

On-time and on-budget delivery of strategic projects

B.

Improvement in IT balanced scorecard performance

C.

Optimization of IT investment in supporting business objectives

D.

Reduced organizational resistance during strategy execution

Buy Now
Questions 86

Which of the following is the BEST way to ensure new systems can be adequately supported once in production?

Options:

A.

Establish a resource management framework.

B.

Evaluate the operational requirements of the business stakeholders.

C.

Identify key performance indicators (KPIs).

D.

Require operational management be identified in the business case.

Buy Now
Questions 87

An enterprise is evaluating a Software as a Service (SaaS) solution to support a core business process. There is no outsourcing governance or vendor management in place. What should be the CEO's FIRST course of action?

Options:

A.

Ensure the roles and responsibilities to manage service providers are defined.

B.

Establish a contract with the SaaS solution provider.

C.

Instruct management to use the standard procurement process.

D.

Ensure the service level agreements (SLAs) for service providers are defined.

Buy Now
Questions 88

Which of the following roles has PRIMARY accountability for the security related to data assets?

Options:

A.

Database administrator

B.

Data owner

C.

Data analyst

D.

Security architect

Buy Now
Questions 89

An executive sponsor of a partially completed IT project has learned that the financial assumptions supporting the project have changed. Which of the following governance actions should be taken FIRST?

Options:

A.

Schedule an interim project review.

B.

Request a risk assessment.

C.

Re-evaluate the project in the portfolio.

D.

Request an update to the business case

Buy Now
Questions 90

Best practice states that IT governance MUST:

Options:

A.

enforce consistent policy across the enterprise.

B.

be applied in the same manner throughout the enterprise.

C.

apply consistent target levels of maturity to processes.

D.

be a component of enterprise governance.

Buy Now
Questions 91

Which of the following represents the GREATEST challenge to implementing IT governance?

Options:

A.

Determining the best practice to follow

B.

Planning the project itself

C.

Developing a business case

D.

Applying behavioral change management

Buy Now
Questions 92

Which of the following is the MOST comprehensive method to report on overall IT performance to the board of directors?

Options:

A.

Balanced scorecard

B.

Net present value (NPV)

C.

Performance-based payments

D.

Return on investment (ROI)

Buy Now
Questions 93

A rail transport company has the worst on-time arrival record in the industry due to an antiquated IT system that controls scheduling. Despite employee resistance, an initiative lo upgrade the technology and related processes has been approved. To maximize employee engagement throughout the project, which of the following should be in place prior to the start of the initiative?

Options:

A.

Procurement management plan

B.

Organizational change management plan

C.

Risk response plan

D.

Resource management plan

Buy Now
Questions 94

From a governance perspective, which of the following roles is MOST important for an enterprise to keep in-house?

Options:

A.

Information auditor

B.

Information architect

C.

Information steward

D.

Information analyst

Buy Now
Questions 95

Establishing a uniform definition for likelihood and impact through risk management standards PRIMARILY addresses which of the following concerns?

Options:

A.

Inconsistent categories of vulnerabilities

B.

Conflicting interpretations of risk levels

C.

Inconsistent data classification

D.

Lack of strategic IT alignment

Buy Now
Questions 96

Which of the following is the BEST method for making a strategic decision to invest in cloud services?

Options:

A.

Prepare a business case.

B.

Prepare a request for information (RFI),

C.

Benchmarking.

D.

Define a balanced scorecard.

Buy Now
Questions 97

A new and expanding enterprise has recently received a report indicating 90% of its data has been collected in just the last six months, triggering data breach and privacy concerns. What should be the IT steering committee's FIRST course of action to ensure new data is managed effectively?

Options:

A.

Mitigate and track data-related issues and risks.

B.

Modify legal and regulatory data requirements.

C.

Define data protection and privacy practices.

D.

Assess the information governance framework.

Buy Now
Questions 98

The BEST way to manage an outsourced vendor relationship is by:

Options:

A.

conducting periodic risk assessments.

B.

reviewing annual independent third-party reports.

C.

providing clear objectives and transparency.

D.

analyzing performance statistics from the vendor.

Buy Now
Questions 99

Which of the following is the PRIMARY element in sustaining an effective governance framework?

Options:

A.

Identification of optimal business resources

B.

Establishment of a performance metric system

C.

Ranking of critical business risks

D.

Assurance of the execution of business controls

Buy Now
Questions 100

Which of the following are PRIMARY factors in ensuring the success of an enterprise quality assurance program?

Options:

A.

Enterprise risk appetite and tolerance

B.

Risk management and control frameworks

C.

Continuous improvement plans

D.

A process maturity framework and documented procedures

Buy Now
Questions 101

Which of the following is the MOST effective way to manage risks within the enterprise?

Options:

A.

Assign individuals responsibilities and accountabilities for management of risks.

B.

Make staff aware of the risks in their area and risk management techniques.

C.

Provide financial resources for risk management systems.

D.

Document procedures and reporting processes.

Buy Now
Questions 102

A company is considering selling products online, and the CIO has been asked to advise the board of directors of potential problems with this strategy. Which of the following is the ClO's BEST course of action?

Options:

A.

Review the security framework.

B.

Conduct a return on investment (ROI) analysis.

C.

Review the enterprise architecture (EA).

D.

Perform a risk assessment.

Buy Now
Questions 103

An enterprise is planning a change in business direction. As a result, IT risk will significantly increase. Which of the following should be the GO'S FIRST course of action?

Options:

A.

Recommend delaying the business change.

B.

Implement IT changes to align with the plan.

C.

Report the risk to executive management

D.

Plan for the corresponding IT reorganization.

Buy Now
Questions 104

Which of the following is the MOST important reason for selecting IT key risk indicators (KRIs)?

Options:

A.

Demonstrating the effectiveness of IT risk policies

B.

Assessing the current IT controls model

C.

Enabling comparison against similar IT KRIs

D.

Increasing the probability of achieving IT goals

Buy Now
Questions 105

An enterprise's information security function is making changes to its data retention and backup policies. Which of the following presents the GREATEST risk?

Options:

A.

Business data owners were not consulted.

B.

The new policies Increase the cost of data backups.

C.

Data backups will be hosted at third-party locations.

D.

The retention period for data backups is Increased.

Buy Now
Questions 106

Enterprise IT has overseen the implementation of an array of data services with overlapping functionality leading to business inefficiencies. Which of the following is the MOST likely cause of this situation?

Options:

A.

insufficient information architecture

B.

Ineffective project management

C.

An outdated service level agreement (SLA)

D.

An incomplete cost-benefit analysis

Buy Now
Questions 107

As the required core competencies of the IT workforce are anticipated and identified, what is the NEXT step in strengthening the department's human resource assets?

Options:

A.

Develop a responsible, accountable, consulted, and informed (RACI) chart.

B.

Create an effective recruitment, retention, and training program.

C.

Commit to the board performance metrics and bonus structure.

D.

Develop personnel requirements for third-party assurance.

Buy Now
Questions 108

When evaluating benefits realization of IT process performance, the analysis MUST be based on;

Options:

A.

key business objectives.

B.

industry standard key performance indicators (KPIs).

C.

portfolio prioritization criteria.

D.

IT risk policies.

Buy Now
Questions 109

An IT investment review board wants to ensure that IT will be able to support business initiatives. Each initiative is comprised of several interrelated IT projects. Which of the following would help ensure that the initiatives meet their goals?

Options:

A.

Review of project management methodology

B.

Review of the business case for each initiative

C.

Establishment of portfolio management

D.

Verification of initiatives against the architecture

Buy Now
Questions 110

Which of the following BEST lowers costs and improves scalability from an IT enterprise architecture (EA) perspective?

Options:

A.

Cost management

B.

IT strategic sourcing

C.

Standardization

D.

Business agility

Buy Now
Questions 111

A large retail chain realizes that while there has not been any loss of data, IT security has not been a priority and should become a key goal for the enterprise. What should be the FIRST high-level initiative for a newly created IT strategy committee in order to support this business goal?

Options:

A.

Identifying gaps in information asset protection

B.

Defining data archiving and retrieval policies

C.

Recruiting and training qualified IT security staff

D.

Modernizing internal IT security practices

Buy Now
Questions 112

An enterprise's internal audit group has scheduled a control review of a payroll system project but has been told to wait until the system is implemented. Which of the following is the GREATEST risk associated with the delay?

Options:

A.

delay in the development of new key performance indicators (KPIs)

B.

Continued dependency on compliant legacy systems

C.

Increased cost to mitigate deficiencies

D.

Lack of adherence to industry best practices

Buy Now
Questions 113

An enterprise experiencing issues with data protection and least privilege is implementing enterprise-wide data encryption in response. Which of the following is the BEST approach to ensure all business units work toward remediating these issues?

Options:

A.

Develop key performance indicators (KPIs) to measure enterprise adoption.

B.

Integrate data encryption requirements into existing and planned projects.

C.

Assign owners for data governance initiatives.

D.

Mandate the creation of a data governance framework.

Buy Now
Questions 114

The MOST successful IT performance metrics are those that:

Options:

A.

measure financial results.

B.

measure all areas.

C.

are approved by the stakeholders.

D.

contain objective measures.

Buy Now
Questions 115

The BEST way to manage continuous improvement of governance-related processes is to:

Options:

A.

assess existing process resource capacities.

B.

define accountability based on roles and responsibilities.

C.

apply effective quality management practices.

D.

require third-party independent reviews.

Buy Now
Questions 116

An enterprise is developing several consumer-based services using emerging technologies involving sensitive personal data. The CIO is under pressure to ensure the enterprise is first to market, but security scan results have not been adequately addressed. Reviewing which of the following will enable the CIO to make the BEST decision for the customers?

Options:

A.

Acceptable use policy

B.

Risk register

C.

Ethics standards

D.

Change management policy

Buy Now
Questions 117

What is the PRIMARY benefit of aligning information architecture with enterprise architecture (EA)?

Options:

A.

It improves communication with senior management and the business.

B.

It ensures the adoption of enterprise data quality standards.

C.

It enables the tracing of data to business functions.

D.

It facilitates appropriate access to data consumers.

Buy Now
Questions 118

When a shortfall of IT resources is identified, the FIRST course of action is to;

Options:

A.

perform a business impact analysis (BIA).

B.

reallocate the budget to close the gap in resources.

C.

reduce business requirements.

D.

negotiate best pricing for contracted resources.

Buy Now
Questions 119

Which of the following should a new CIO do FIRST to set the strategic direction for IT?

Options:

A.

Develop well-defined business cases that include strategic outcomes.

B.

Remap stakeholder analysis and desired expectations.

C.

Review existing enterprise strategic objectives.

D.

Redesign detailed RACI charts of the IT function.

Buy Now
Questions 120

From an IT governance perspective, which of the following would be the MOST significant impact of moving all IT applications to an external Software as a Service (SaaS) cloud provider?

Options:

A.

The integration of the IT department with business lines

B.

The shift from service delivery to service management

C.

The improvement Of IT service alignment with business

D.

The necessity to update key risk indicators (KRIs)

Buy Now
Questions 121

To measure the value of IT-enabled investments, an enterprise needs to identify its drivers as defined by its:

Options:

A.

technology strategy.

B.

value statements.

C.

service level agreements (SLAs).

D.

business strategy.

Buy Now
Questions 122

Which of the following is the BEST indicator of the effectiveness of IT governance in an enterprise?

Options:

A.

Value delivery

B.

Resource utilization

C.

Residual risk

D.

Project delivery

Buy Now
Questions 123

Which of the following would be MOST helpful to review when determining how to allocate IT resources during a resource shortage?

Options:

A.

IT skill development plan

B.

IT organizational structure

C.

IT skills inventory

D.

IT strategic plan

Buy Now
Questions 124

An organization's board of directors has questioned the value provided by IT key performance indicators (KPIs). Which of the following is the BEST way to determine whether the KPIs adequately support organizational objectives?

Options:

A.

Define a strategy for IT measurement.

B.

Define policies and procedures around current KPIs.

C.

Review the KPIs with key business executives.

D.

Work directly with the CEO to identify what measures should be used.

Buy Now
Questions 125

Which of the following would be the PRIMARY impact on IT governance when a business strategy is changed?

Options:

A.

Performance outcomes of IT objectives

B.

IT governance structure

C.

Maturity level of IT processes

D.

Relationship level with IT outsourcers

Buy Now
Questions 126

A CIO has been asked to modify an organization's IT performance measurement system to reflect recent changes in technology, including the movement of some data processing to a cloud solution. Which of the following is the PRIMARY consideration when designing such a measurement system?

Options:

A.

Ensuring that cost of measurement and reporting is minimized

B.

Ensuring the measurement system maps to the enterprise architecture (EA)

C.

Adequately defining the scope of services moved to the cloud

D.

Correctly understanding stakeholder needs for IT-related measurement

Buy Now
Questions 127

A financial institution with a highly regarded reputation for protecting customer interests has recently deployed a mobile payments program. Which of the following key risk indicators (KRIs) would be of MOST interest to the CIO?

Options:

A.

Number of failed software updates on mobile devices

B.

Percentage of incomplete transactions

C.

Failure rate of point-of-sale systems

D.

Total volume of suspicious transactions

Buy Now
Questions 128

Which of the following is the BEST method for determining an enterprise's current appetite for risk?

Options:

A.

Interviewing senior management

B.

Evaluating the balanced scorecard

C.

Reviewing recent audit findings

D.

Assessing social media adoption

Buy Now
Questions 129

The BEST way for a CIO to monitor the alignment between the business and IT strategy is to regularly review

Options:

A.

key risk indicators (KRIs)

B.

IT services supporting business processes

C.

the balanced scorecard

D.

the risk register

Buy Now
Questions 130

An IT steering committee is evaluating whether a third-party supplier is delivering the correct level of service Reviewing which of the following will provide the BEST information to the committee?

Options:

A.

Key performance indicators (KPIs)

B.

Service portfolio management

C.

Vendor status reports

D.

Operational cost reduction reports

Buy Now
Questions 131

Which of the following would provide the MOST useful information to understand the associated risks when implementing a new digital transformation strategy?

Options:

A.

Risk policy

B.

Risk framework

C.

Risk heat map

D.

Risk register

Buy Now
Questions 132

A data governance strategy has been defined by the IT strategy committee which includes privacy objectives related to access controls, authorized use. and data collection. Which of the following should the committee do NEXT?

Options:

A.

Mandate data privacy training for employees.

B.

Establish a data privacy budget

C.

Perform a data privacy impact assessment.

D.

Mandate the creation of a data privacy policy.

Buy Now
Questions 133

Which of the following is a responsibility of an IT strategy committee?

Options:

A.

Providing oversight on enterprise strategy implementation

B.

Approving the business strategy and its IT implications

C.

Advising the board on the development of IT goals

D.

Tracking projects in the IT investment portfolio

Buy Now
Questions 134

Which of the following is the BEST way to implement effective IT risk management?

Options:

A.

Align with business risk management processes.

B.

Establish a risk management function.

C.

Minimize the number of IT risk management decision points.

D.

Adopt risk management processes.

Buy Now
Questions 135

Following the rollout of an enterprise IT software solution that hosts sensitive data it was discovered that the application's role-based access control was not functioning as specified Which of the following is the BEST way to prevent reoccurrence in the future?

Options:

A.

Ensure supplier contracts include penalties if solutions do not meet functional requirements

B.

Ensure the evaluation process requires independent assessment of solutions prior to implementation

C.

Ensure supplier contracts include a provision for the right to audit on an annual basis

D.

Ensure procurement processes require the identification of alternate vendors to ensure business continuity.

Buy Now
Questions 136

What is the BEST way for an IT governance board to establish standards of behavior for the adoption of artificial intelligence (Al)?

Options:

A.

Direct the creation and approval of an ethical use policy.

B.

Review and update the data privacy policy to align with industry standards.

C.

Include specific ethics clauses in vendor agreements and contracts.

D.

Include ethics topics within onboarding and awareness training.

Buy Now
Questions 137

The MOST effective way to ensure that IT supports the agile needs of an enterprise is to:

Options:

A.

perform process modeling.

B.

outsource infrastructure management.

C.

develop a robust enterprise architecture (EA).

D.

implement open-source systems.

Buy Now
Questions 138

When conducting a risk assessment in support of a new regulatory requirement, the IT risk committee should FIRST consider the:

Options:

A.

disruption to normal business operations.

B.

risk profile of the enterprise.

C.

readiness of IT systems to address

D.

the risk cost burden to achieve compliance.

Buy Now
Questions 139

Which of the following would BEST support an enterprise's initiative to incorporate desired organizational behaviors into the IT governance framework?

Options:

A.

Enterprise code of ethics

B.

Risk mitigation strategies and action plans

C.

Documented consequences for noncompliance

D.

Enterprise RACI matrix

Buy Now
Questions 140

Which of the following is MOST important to the successful implementation of enterprise architecture (EA)?

Options:

A.

Developing data modeling tools

B.

Managing the challenge of change

C.

Reducing the cost of IT investments

D.

Establishing key performance indicators (KPIs)

Buy Now
Questions 141

The BEST way to decide how to prioritize issues identified in an IT risk and control self-assessment (CSA) is to understand the risk and:

Options:

A.

impact to the enterprise.

B.

criticality of IT services affected.

C.

number of IT systems affected.

D.

funds required for remediation.

Buy Now
Questions 142

Which of the following should be the ClO's GREATEST consideration when making changes to the IT strategy'?

Options:

A.

Has the impact to the enterprise architecture (EA) been assessed?

B.

Has the investment portfolio been revised?

C.

Have key stakeholders been consulted?

D.

Have IT risk metrics been adjusted?

Buy Now
Questions 143

Due to the recent introduction of personal data protection regulations, an enterprise is required to maintain its employee data in production systems only for a limited time. Which of the following is MOST important to review?

Options:

A.

Asset retention policies

B.

Information retention policies

C.

Data archival policies

D.

Data backup and restoration policies

Buy Now
Questions 144

An enterprise is developing an ethics program, and the ethical standards have been defined. Which of the following should the enterprise do NEXT?

Options:

A.

Establish a training and awareness program focused on ethics.

B.

Implement an enterprise-wide employee monitoring program.

C.

Develop key performance indicators (KPIs) for program implementation.

D.

Outline and document consequences for noncompliance.

Buy Now
Questions 145

Which aspect of information governance BEST enables an enterprise to avoid duplication of records and promote consistency of data?

Options:

A.

Data loss prevention (DLP)

B.

Data modeling

C.

Blockchain management

D.

Enterprise architecture (EA)

Buy Now
Questions 146

Which of the following is the PRIMARY purpose of an effective set of key risk indicators (KRIs)?

Options:

A.

Identifying possible future adverse impacts on the enterprise

B.

Evaluating existing technology for risk monitoring capabilities

C.

Establishing executive level buy-in of the risk program

D.

Quantifying the productivity of the risk management team

Buy Now
Questions 147

Facing financial struggles, a CEO mandated severe budget cuts. A decision was also made to immediately change the enterprise strategic focus to put more reliance on mobile, cloud, and wireless services in an effort to boost revenue. The IT steering committee has asked the CIO to suggest adjustments to the current IT project portfolio to allow support for the new direction despite fewer funds. What should the CIO advise the committee to do FIRST?

Options:

A.

Ask business stakeholders to discuss their vision for the new strategy.

B.

Cancel projects with a net present value (NPV) below a defined threshold.

C.

Conduct a risk assessment against the potential new services.

D.

Start re-allocating budget to projects involving mobile or cloud.

Buy Now
Questions 148

Which of the following is the PRIMARY responsibility of a data steward?

Options:

A.

Ensuring the appropriate users have access to the right data

B.

Developing policies for data governance

C.

Reporting data analysis to the board

D.

Classifying and labeling organizational data assets

Buy Now
Questions 149

Which of the following is the MOST important, characteristic of a well-defined information architecture?

Options:

A.

It addresses key stakeholder requirements.

B.

It ensures compliance with regulations.

C.

It enables achievement of service level agreements (SLAs).

D.

It supports IT strategic goals.

Buy Now
Questions 150

After shifting from lease to purchase of IT infrastructure and software licenses, an enterprise has to pay for unexpected lease extensions causing significant cost overruns. The BEST direction for the IT steering committee would be to establish;

Options:

A.

an end-of-life program to remove aging infrastructure from the environment.

B.

budget cuts to compensate for the cost overruns.

C.

a program to annually review financial policy on overruns.

D.

a policy to consider total cost of ownership (TCO) in investment decisions.

Buy Now
Questions 151

An enterprise has committed to the implementation of a new IT governance model. The BEST way to begin this implementation is to:

Options:

A.

identify IT services that currently support the enterprise’s capability.

B.

define policies for data, applications, and organization of infrastructure.

C.

identify the role of IT in supporting the business.

D.

prioritize how much and where to invest in IT.

Buy Now
Questions 152

Which of the following provides the BEST information to assess the effective alignment of IT investments?

Options:

A.

IT balanced scorecard

B.

Net present value (NPV).

C.

IT delivery time metrics

D.

Total cost of ownership (TCO)

Buy Now
Questions 153

Which of the following is the MOST important input for designing a development program to help IT employees improve their ability to respond to business needs?

Options:

A.

Capability maturity model

B.

Cost-benefit analysis

C.

Skills competency assessment

D.

Annual performance evaluation

Buy Now
Questions 154

An IT department has forwarded a request to the IT strategy committee for funding of a discretionary Investment. The committee's MOST important consideration should be to evaluate:

Options:

A.

the technical feasibility of the investment.

B.

the business and technical scope of the investment •

C.

whether the investment supports corporate goals

D.

whether the investment aligns with the enterprise architecture (EA).

Buy Now
Questions 155

The PRIMARY objective of building outcome measures is to:

Options:

A.

monitor whether the chosen strategy is successful

B.

visualize how the strategy will be achieved.

C.

demonstrate commitment to IT governance.

D.

clarify the cause-and-effect relationship of the strategy.

Buy Now
Questions 156

A business has outsourced IT operations to several third-party providers, but service level agreements (SLAs) are not clearly defined in all cases. Which of the following is the GREATEST risk to the business?

Options:

A.

Costs are not measurable.

B.

Third parties could provide overlapping services.

C.

The scope of work is not clearly defined.

D.

Quality of services is not enforceable.

Buy Now
Questions 157

An enterprise has decided to implement an IT risk management program After establishing stakeholder desired outcomes, the MAIN goal of the IT strategy committee should be to:

Options:

A.

identify business data that requires protection.

B.

perform a risk analysis on key IT processes

C.

implement controls to address high risk areas

D.

ensure IT risk alignment with enterprise risk

Buy Now
Questions 158

The FIRST step in aligning resource management to the enterprise's IT strategic plan would be to

Options:

A.

develop a responsible, accountable, consulted and informed (RACI) chart

B.

assign appropriate roles and responsibilities

C.

perform a gap analysis

D.

identify outsourcing opportunities

Buy Now
Questions 159

To develop appropriate measures to improve organizational performance, the measures MUST be:

Options:

A.

a result of benchmarking and comparative analysis.

B.

accepted by and meaningful to the stakeholders.

C.

based on existing and validated data sources.

D.

approved by the IT steering committee.

Buy Now
Questions 160

An enterprise-wide strategic plan has been approved by the board of directors. Which of the following would BEST support the planning of IT investments required for the enterprise?

Options:

A.

Service-oriented architecture

B.

Enterprise architecture (EA)

C.

Contingency planning

D.

Enterprise balanced scorecard

Buy Now
Questions 161

What is the BEST criterion for prioritizing IT risk remediation when resource requirements are equal?

Options:

A.

Deviation from IT standards

B.

IT strategy alignment

C.

IT audit recommendations

D.

Impact on business

Buy Now
Questions 162

Which of the following is MOST important to consider when planning to implement a cloud-based application for sharing documents with internal and external parties?

Options:

A.

Cloud implementation model

B.

User experience

C.

Information ownership

D.

Third-party access rights

Buy Now
Questions 163

Which of the following is the BEST way to maximize the value of an enterprise’s information asset base?

Options:

A.

Seek additional opportunities to leverage existing information assets.

B.

Facilitate widespread user access to all information assets

C.

Regularly purge information assets to minimize maintenance costs

D.

Implement an automated information management platform

Buy Now
Questions 164

A CIO of an enterprise is concerned that IT and the business have different priorities. Which of the following would BEST demonstrate the current state of strategic alignment?

Options:

A.

IT maturity model

B.

Business case

C.

Balanced scorecard

D.

IT investment status

Buy Now
Questions 165

Enterprise leadership is concerned with the potential for discrimination against certain demographic groups resulting from the use of machine learning models What should be done FIRST to address this concern?

Options:

A.

Obtain stakeholders' input regarding the ethics associated with machine learning

B.

Revise the code of conduct to discourage bias within automated processes

C.

Develop a machine learning policy articulating guidelines for machine learning use

D.

Assess recent case law related to the enterprise's machine learning business strategy

Buy Now
Questions 166

Which of the following should be the PRIMARY input when developing IT strategy?

Options:

A.

Vision statement

B.

Process and capability maturity

C.

Governance objectives

D.

Balanced scorecard

Buy Now
Questions 167

Which of the following aspects of IT governance BEST addresses the potential intellectual property implications of a cloud service provider having a database in another country?

Options:

A.

Contract management

B.

Continuity planning

C.

Data management

D.

Security architecture

Buy Now
Questions 168

Which of the following are the MOST important processes for information asset life cycle management?

Options:

A.

Procurement management and third-party management

B.

Configuration management and financial management

C.

Vulnerability management and network management

D.

Business continuity management and disaster recovery management

Buy Now
Questions 169

Which of the following should be identified FIRST when determining appropriate IT key risk indicators (KRIs)?

Options:

A.

IT-related risk

B.

IT controls

C.

IT threats

D.

IT objectives

Buy Now
Questions 170

To meet the growing demands of a newly established business unit, IT senior management has been tasked with changing the current IT organization model to

service-oriented. With significant growth expected of the IT organization, which of the following is the MOST important consideration when planning for long-term IT

service delivery?

Options:

A.

The IT service delivery model is approved by the business.

B.

An IT risk management process is in place.

C.

IT is able to provide a comprehensive service catalog to the business.

D.

The IT organization is able to sustain business requirements.

Buy Now
Questions 171

An enterprise has finalized a major acquisition and a new business strategy in line with stakeholder needs has been introduced to help ensure continuous alignment of IT with the new business strategy the CiO should FIRST

Options:

A.

review the existing IT strategy against the new business strategy

B.

revise the existing IT strategy to align with the new business strategy

C.

establish a new IT strategy committee for the new enterprise

D.

assess the IT cultural aspects of the acquired entity

Buy Now
Exam Code: CGEIT
Exam Name: Certified in the Governance of Enterprise IT Exam
Last Update: Dec 22, 2024
Questions: 578

PDF + Testing Engine

$134.99

Testing Engine

$99.99

PDF (Q&A)

$84.99