New Year Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Achieve Success in the Isaca CGEIT Exam: A Detailed Certified in the Governance of Enterprise IT Exam Guide

Questions 46

Senior management is reviewing the results of a recent security incident with significant business impact. Which of the following findings should be of GREATEST concern?

Options:
A.

Significant gaps are present m the incident documentation.

B.

The incident was not logged in the ticketing system.

C.

Response decisions were made without consulting the appropriate authority.

D.

Response efforts had to be outsourced due to insufficient internal resources.

Isaca CGEIT Premium Access
Questions 47

A rail transport company has the worst on-time arrival record in the industry due to an antiquated IT system that controls scheduling. Despite employee resistance, an initiative lo upgrade the technology and related processes has been approved. To maximize employee engagement throughout the project, which of the following should be in place prior to the start of the initiative?

Options:
A.

Procurement management plan

B.

Organizational change management plan

C.

Risk response plan

D.

Resource management plan

Questions 48

From a governance perspective, which of the following roles is MOST important for an enterprise to keep in-house?

Options:
A.

Information auditor

B.

Information architect

C.

Information steward

D.

Information analyst

Questions 49

Which of the following is the MOST effective means for IT management to report to executive management regarding the value of IT?

Options:
A.

IT process maturity level

B.

Cost-benefit analysis

C.

Resource assessment

D.

Balanced scorecard

Questions 50

To reduce the risk of reputational damage through inappropriate use of social media by employees outside of the workplace, the enterprise approach regarding social media should PRIMARILY focus on;

Options:
A.

implementing preventative controls.

B.

developing policies on social media.

C.

implementing a review of processes utilizing social media.

D.

ensuring each use of social media is approved by management.

Questions 51

An enterprise has a large backlog of IT projects. The current strategy is to execute projects as they are submitted, but executive management does not believe this method is optimal. Which of the following is the MOST important action to address this concern?

Options:
A.

Implement stage-gating to determine the value of each project.

B.

Establish a performance dashboard that determines business value.

C.

Implement a methodology to prioritize projects based on resource availability.

D.

Create a combined business/IT committee to determine project prioritization.

Questions 52

An IT audit report indicates that a lack of IT employee risk awareness is creating serious security issues in application design and configuration. Which of the following would be the BEST key risk indicator (KRI) to show progress in IT employee behavior?

Options:
A.

Number of IT employees attending security training sessions

B.

Results of application security testing

C.

Number of reported security incidents

D.

Results of application security awareness training quizzes

Questions 53

The BEST way to manage continuous improvement of governance-related processes is to:

Options:
A.

assess existing process resource capacities.

B.

define accountability based on roles and responsibilities.

C.

apply effective quality management practices.

D.

require third-party independent reviews.

Questions 54

Which of the following is the BEST indication of effective IT-business strategic alignment?

Options:
A.

Business management is involved as IT strategies are developed.

B.

IT senior management is required to report to the board.

C.

Business strategy is documented to allow IT architecture to be designed quickly.

D.

IT-business collaboration results in a strategy focused on IT cost reduction.

Questions 55

A retail enterprise has cost reduction as its top priority. From a governance perspective, which of the following should be the MOST important consideration when evaluating different IT investment options?

Options:
A.

Support for increased sales

B.

Risk associated with each option

C.

Industry best practices

D.

Business value impact

Questions 56

When implementing an IT governance framework, which of the following would BEST ensure acceptance of the framework?

Options:
A.

Factoring in the effects of enterprise culture

B.

Using subject matter experts

C.

Using industry-accepted practices

D.

Complying with regulatory requirements

Questions 57

Two large financial institutions with different corporate cultures are engaged in a merger. From a governance perspective, which of the following should be the GREATEST concern?

Options:
A.

Technology infrastructure

B.

Risk appetite

C.

Combined cost of operations

D.

Enterprise architecture (EA) integration

Questions 58

IT security is concerned with employees' increasing use of personal equipment for work-related purposes, while employees claim it allows them to be more productive. A decision on whether to modify the enterprise information security policy should be based on:

Options:
A.

audit findings.

B.

user access approval procedures.

C.

the impact to security.

D.

a risk and benefit evaluation.

Questions 59

An independent consultant has been hired to conduct an ad hoc audit of an enterprise’s information security office with results reported to the IT governance committee and the board Which of the following is MOST important to provide to the consultant before the audit begins?

Options:
A.

Acceptance of the audit risks and opportunities

B.

The scope and stakeholders of the audit

C.

The organizational structure of the security office

D.

The policies and framework used by the security office

Questions 60

Enterprise leadership is concerned with the potential for discrimination against certain demographic groups resulting from the use of machine learning models What should be done FIRST to address this concern?

Options:
A.

Obtain stakeholders' input regarding the ethics associated with machine learning

B.

Revise the code of conduct to discourage bias within automated processes

C.

Develop a machine learning policy articulating guidelines for machine learning use

D.

Assess recent case law related to the enterprise's machine learning business strategy

Isaca Related Exams

How to pass Isaca CISA - Certified Information Systems Auditor Exam
How to pass Isaca CISM - Certified Information Security Manager Exam
How to pass Isaca CRISC - Certified in Risk and Information Systems Control Exam
How to pass Isaca COBIT5 - COBIT 5 Foundation Exam Exam
How to pass Isaca CDPSE - Certified Data Privacy Solutions Engineer Exam
How to pass Isaca COBIT-2019 - COBIT 2019 Foundation Exam
How to pass Isaca NIST-COBIT-2019 - ISACA Implementing the NIST Cybersecurity Framework using COBIT 2019 Exam

Isaca Free Exams

Isaca Free Exams
Examstrack offers comprehensive free resources and practice tests for Isaca exams.