CGEIT : Certified in the Governance of Enterprise IT : Part 01
-
Which of the following should be the PRIMARY consideration for an enterprise when prioritizing IT projects?
- Results of IT performance benchmarks against competitors
- Impact on the business due to expected project outcomes
- Technical capability of the enterprise to execute the projects
- Process owner expectations based on operational benefits
Explanation:
Reference: https://www.cio.com/article/3294993/prioritizing-projects.html
-
Senior management finds that too many projects are currently in-progress and all are experiencing expensive project overruns due to lack of resources. Many of the projects also appear to overlap in their objectives and expected outcomes.
Which of the following would BEST streamline the process of evaluating and selecting funding priorities?
- Portfolio management
- Value governance
- Project management
- Business case development
Explanation:Reference: https://www.isaca.org/resources/news-and-trends/newsletters/cobit-focus/2016/ensuring-value-from-it-enabled-investments -
The CEO of a large enterprise has announced the commencement of a major business expansion that will double the size of the organization. IT will need to support the expected demand expansion. The CIO should FIRST:
- update the IT strategic plan to align with the decision.
- recruit IT resources based on the expansion decision.
- review the resource utilization matrix.
- embed IT personnel in the business units.
-
Portfolio management in a large enterprise BEST enables which of the following?
- Performance management
- Risk reduction
- Value creation
- Human resource optimization
-
Which of the following BEST defines the IT investment activities an enterprise will undertake when aligning to business goals?
- Portfolio management
- Procurement management
- Project management
- Risk management
-
Which of the following should be the PRIMARY consideration when implementing IT governance in a small, newly established organization?
- Approving enterprise architecture and standards
- Defining IT project management methodology
- Assigning a budget for IT governance applications
- Assigning IT roles and responsibilities
Explanation:Reference: https://www.isaca.org/resources/news-and-trends/newsletters/cobit-focus/2017/using-cobit-in-government-departments -
Which of the following is the BEST method to monitor IT governance effectiveness?
- Service level management
- Balanced scorecard
- Risk control self-assessment
- Strengths, weaknesses, opportunities, and threats (SWOT) analysis
Explanation:Reference: https://www.isaca.org/resources/isaca-journal/issues/2016/volume-6/performance-measurement-metrics-for-it-governance -
An internal auditor conducts an assessment of a two-year-old IT risk management program. Which of the following findings should be of MOST concern to the CIO?
- Organizational responsibility for IT risk management is not clearly defined.
- IT risk training records are not properly retained in accordance with established schedules.
- None of the members of the IT risk management team have risk management-related certifications.
- Only a few key risk indicators identified by the IT risk management team are being monitored and the rest will be on a phased schedule.
-
An enterprise has discovered that there is significant duplication of IT investments. Which of the following would be MOST helpful in addressing this issue?
- Establishing an IT steering committee
- Delegating IT investment decisions to centralized IT
- Maintaining an inventory of IT investments
- Increasing the frequency of IT investment audits
-
A regulatory audit assessed an enterprise’s main transactional application as noncompliant. In addition to fines and required corrections, an agreement was reached to implement a set of governance controls over IT. Accountability for these controls is BEST assigned to which of the following?
- Internal audit director
- CIO
- The board of directors
- Application users
-
An enterprise is planning a change in business direction. As a result, IT risk will significantly increase. Which of the following should be the CIO’s FIRST course of action?
- Plan for the corresponding IT reorganization.
- Recommend delaying the business change.
- Report the risk to executive management.
- Implement IT changes to align with the plan.
-
Which of the following is the GREATEST expected strategic organizational benefit from the standardization of technical platforms?
- Reduces IT operational training costs
- Reduces response time
- Meets regulatory compliance requirements
- Optimizes infrastructure investments
Explanation:Reference: https://books.google.com.pk/books?id=odC_AQAAQBAJ&pg=PA167&lpg=PA167&dq=enterprise+IT+expected+strategic+organizational+benefit+from+the+standardization+of+technical+platforms&source=bl&ots=KnpTgkPPsb&sig=ACfU3U3fIFhOpMt81n2_xEoKhLtDFBmv8g&hl=en&sa=X&ved=2ahUKEwjegNiP6PfpAhWOh1wKHQB4AX8Q6AEwCXoECAcQAQ#v=onepage&q=enterprise%20IT%20expected%20strategic%20organizational%20benefit%20from%20the%20standardization%20of%20technical%20platforms&f=false -
Which of the following would be the BEST way for an enterprise to address new legal and regulatory requirements applicable to IT?
- Benchmark how other IT organizations are treating the new requirements.
- Adopt a zero-tolerance approach for noncompliance with regulatory matters.
- Treat as a risk to be assessed before developing a response.
- Use a cost-benefit analysis to determine if compliance is warranted.
-
Which of the following is MOST critical for sustaining a newly implemented IT governance program?
- Launch an enterprise-wide IT governance awareness program.
- Designate a board representative to sponsor the IT governance program.
- Ensure that there are IT policies, procedures, and standards in place.
- Benchmark the program periodically against industry peers.
-
An enterprise decides to accept the IT risk of a subsidiary located in another country even though it exceeds the enterprise’s risk appetite. Which of the following would be the BEST justification for this decision?
- Local market common practices
- Risk framework alignment
- Technical gaps among subsidiaries
- Compliance with local regulations
-
The board of directors of an enterprise has questioned whether the business is focused on optimizing value. The IT strategy committee’s BEST action to address the board’s concern is to:
- initiate reporting and review of key IT performance metrics.
- form a technology council to monitor the efficiency of project implementation.
- conduct a portfolio review to assess the benefits realization of IT investments.
- conduct a benchmark to assess IT value relative to competitors.
-
A CEO determines the enterprise is lagging behind its competitors in consumer mobile offerings, and mandates an aggressive rollout of several new mobile services within the next 12 months. To ensure the IT organization is capable of supporting this business objective, the enterprise’s CIO should FIRST:
- procure contractors with experience in mobile application development.
- task direct reports with creating training plans for their teams.
- create a sense of urgency with the IT team that mobile knowledge is mandatory.
- request an assessment of current in-house mobile technology skills.
-
Following a merger of two major corporations, the new strategic goal is “One business function. One IT system.” Which of the following should be the FIRST step to achieve this goal?
- Form a combined IT steering committee.
- Document requirements for each business function.
- Create a standard enterprise architecture.
- Define service level agreements with each business function.
-
Which of the following is the BEST approach to ensure IT technical competencies support the enterprise?
- Ensure there is adequate budget for IT technical training.
- Determine training requirements from customer service satisfaction surveys.
- Align training requirements to the capabilities needed to support the business strategy.
- Hold annual job fairs targeting new graduates in IT technical fields.
Explanation:Reference: https://www.mckinsey.com/~/media/McKinsey/Industries/Financial%20Services/Our%20Insights/Next-gen%20technology%20transformation%20in%20financial%20services/Next-gen-technology-transformation-in-financial-services.ashx -
A data governance strategy has been defined by the IT strategy committee which includes privacy objectives related to access controls, authorized use, and data collection. Which of the following should the committee do NEXT?
- Mandate the creation of a data privacy policy.
- Establish a data privacy budget.
- Perform a data privacy impact assessment.
- Mandate data privacy training for employees.
Subscribe
0 Comments
Newest