Black Friday Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Achieve Success in the Isaca CGEIT Exam: A Detailed Certified in the Governance of Enterprise IT Exam Guide

Questions 136

Of the following, who is responsible for the achievement of IT strategic objectives?

Options:

A.

IT steering committee

B.

Business process owners

C.

Chief information officer (CIO)

D.

Board of directors

Buy Now
Questions 137

An organization has decided to integrate IT risk with the enterprise risk management (ERM) framework. The FIRST step to enable this integration is to establish:

Options:

A.

a common risk management taxonomy.

B.

a common risk organization.

C.

common key risk indicators (KRIs).

D.

common risk mitigation strategies.

Buy Now
Questions 138

The GREATEST benefit associated with a decision to implement performance metrics for key IT assets is the ability to:

Options:

A.

establish the span of control during the life cycle of IT assets.

B.

determine the average cost of controls for protection of IT assets.

C.

compare the performance Of IT assets against industry best practices.

D.

determine the contribution of IT assets in achievement of IT goals.

Buy Now
Questions 139

An enterprise has an ongoing issue of corporate applications not delivering the expected benefits due to missing key functionality. As a result, many groups are using spreadsheets and databases instead of approved enterprise applications to store and manipulate information. Which of the following will BEST improve the success rate of future IT initiatives?

Options:

A.

Engage the business user community in acceptance testing Of acquired applications.

B.

Engage stakeholders to identify and validate business requirements.

C.

Establish a process for risk and value management.

D.

Prohibit the use of non-approved alternate software solutions.

Buy Now
Questions 140

A CIO has recently been made aware of a new regulatory requirement that may affect IT-enabled business activities. Which of the following should be the CIO s FIRST step in deciding the appropriate response to the new requirement?

Options:

A.

Revise initiatives that are active to reflect the new requirements.

B.

Confirm there are adequate resources to mitigate compliance requirements.

C.

Consult with legal and risk experts to understand the requirements.

D.

Consult with the board for guidance on the new requirements

Buy Now
Questions 141

Which of the following would BEST help to prevent an IT system from becoming obsolete before its planned return on investment (ROI)?

Options:

A.

Obtaining independent assurance that the IT system conforms to business requirements

B.

Defining IT and business goals to ensure value delivery as required

C.

Managing the benefit realization through the entire life cycle

D.

Ordering an external audit for the IT system early in the roll out

Buy Now
Questions 142

Which of the following should a CIO review to obtain a holistic view of IT performance when identifying potential gaps in service delivery?

Options:

A.

Key performance indicators (KPIs)

B.

Return on investment (ROI) analysis

C.

Service level agreement (SLA) reporting

D.

Staff performance evaluations

Buy Now
Questions 143

Which of the following is the MOST efficient approach for using risk scenarios to evaluate a new business opportunity?

Options:

A.

Related risks are consolidated into one scenario for analysis.

B.

Risk events are identified bottom-up and top-down.

C.

Risk identification leverages past audit and compliance reports.

D.

Risk scenario narratives are summarized and limited in length.

Buy Now
Questions 144

An internal auditor conducts an assessment of a two-year-old IT risk management program. Which of the following findings should be of MOST concern to the CIO?

Options:

A.

Organizational responsibility for IT risk management is not clearly defined.

B.

None of the members of the IT risk management team have risk management-related certifications.

C.

Only a few key risk indicators (KRIs) identified by the IT risk management team are being monitored and the rest will be on a phased schedule.

D.

IT risk training records are not properly retained in accordance with established schedules

Buy Now
Questions 145

Which of the following should be the PRIMARY consideration when implementing an emerging technology with unclear regulatory and compliance requirements?

Options:

A.

Enterprise strategic plan

B.

Enterprise architecture (EA) alignment

C.

Enterprise risk appetite

D.

Business impact analysis (BIA) results

Buy Now
Questions 146

Which of the following would BEST help assess the effectiveness of a newly established IT governance framework?

Options:

A.

Develop a business case for the program portfolio.

B.

Evaluate key performance indicator (KPI) results.

C.

Benchmark the IT governance framework to industry best practice.

D.

Review results of IT audit reports.

Buy Now
Questions 147

When an enterprise is evaluating potential IT service vendors, which of the following BEST enables a clear understanding of the vendor's capabilities that will be critical to the enterprise's strategy?

  • Due diligence process

Options:

A.

Independent audit results

B.

Historical service level agreements (SLAs)

C.

Benchmarking analysis results

Buy Now
Questions 148

An IT steering committee is concerned about staff saving data files containing sensitive corporate information on publicly available cloud file storage applications. Which of the following should be done FIRST to address this concern?

Options:

A.

Create a secure corporate cloud file storage and sharing solution.

B.

Block corporate access to cloud file storage applications.

C.

Require staff training on data classification policies.

D.

Revise the data management policy to prohibit this practice.

Buy Now
Questions 149

Which of the following is the GREATEST expected strategic organizational benefit from the standardization of technical platforms?

Options:

A.

Reduces IT operational training costs

B.

Reduces response time

C.

Optimizes infrastructure investments

D.

Meets regulatory compliance requirements

Buy Now
Questions 150

What is the BEST way for IT to achieve compliance with regulatory requirements?

Options:

A.

Enforce IT policies and procedures.

B.

Create an IT project portfolio.

C.

Review an IT performance dashboard.

D.

Report on IT audit findings and action plans.

Buy Now