CGEIT : Certified in the Governance of Enterprise IT : Part 17
-
When implementing an IT governance framework, which of the following would BEST ensure acceptance of the framework?
- Factoring in the effects of enterprise culture
- Complying with regulatory requirements
- Using industry-accepted practices
- Using subject matter experts
-
Which of the following has the GREATEST influence on data quality assurance?
- Data classification
- Data modeling
- Data stewardship
- Data encryption
-
Which of the following is the MOST effective way to manage risks within the enterprise?
- Make staff aware of the risks in their area and risk management techniques.
- Provide financial resources for risk management systems.
- Document procedures and reporting processes.
- Assign individuals responsibilities and accountabilities for management of risks.
-
Which of the following provides the STRONGEST indication that IT governance is well established within an organizational culture?
- IT governance defines how IT projects should be assessed.
- Benefits of IT governance are realized throughout the organization.
- There is awareness of IT metrics throughout the organization.
- IT performance metrics are defined in the balanced scorecard.
-
Which of the following would be of MOST concern regarding the effectiveness of risk management processes?
- Risk management requirements are not included in performance reviews.
- Key risk indicators (KRIs) are not established.
- There is no framework to ensure effective reporting of risk events.
- The plans and procedures are not updated on an annual basis.
-
Following a strategic planning session, new IT objectives were announced. Which of the following is the MOST effective way for the CIO to ensure these objectives are cascaded to IT personnel?
- Update the IT balanced scorecard to align with the new IT objectives.
- Establish IT management’s performance measures based on the IT objectives.
- Communicate the new IT objectives during a staff meeting.
- Define individual performance measures related to the IT objectives.
-
An enterprise is about to complete a major acquisition, and a decision has been made that both companies will be using the parent company’s IT infrastructure. Which of the following should be done NEXT?
- Develop a communication plan to support the merger.
- Conduct a gap analysis.
- Perform a business impact analysis (BIA).
- Update the enterprise architecture (EA).
-
To enable the development of required IT skill sets for the enterprise, it is MOST important to define skill requirements based on:
- one set of skills applicable to all IT staff.
- each role within the IT department.
- a best practices framework.
- training needs.
-
When establishing an enterprise data model, the BEST way to ensure the integrity of data is to:
- implement the highest level of protection to data across the enterprise.
- classify information using an agreed-upon schema.
- implement a data loss prevention (DLP) program.
- establish a privileged access management platform.
-
An IT strategy committee wants to ensure that a risk program is successfully implemented throughout the enterprise. Which of the following would BEST support this goal?
- Commitment from senior management
- Mandatory risk awareness courses for staff
- A risk management framework
- A risk recognition and reporting policy
-
Senior management is reviewing the results of a recent security incident with significant business impact. Which of the following findings should be of GREATEST concern?
- Response efforts had to be outsourced due to insufficient internal resources.
- Significant gaps are present in the incident documentation.
- Response decisions were made without consulting the appropriate authority.
- The incident was not logged in the ticketing system.
-
An enterprise is developing an ethics program, and the ethical standards have been defined. Which of the following should the enterprise do NEXT?
- Outline and document consequences for noncompliance.
- Establish a training and awareness program focused on ethics.
- Implement an enterprise-wide employee monitoring program.
- Develop key performance indicators (KPIs) for program implementation.
-
Which of the following is MOST important for the effective design of an IT balanced scorecard?
- On-demand reporting and continuous monitoring
- Consulting with the CIO
- Emphasizing the financial results
- Identifying appropriate key performance indicators (KPIs)
-
As the required core competencies of the IT workforce are anticipated and identified, what is the NEXT step in strengthening the department’s human resource assets?
- Commit to the board performance metrics and bonus structure.
- Create an effective recruitment, retention, and training program.
- Develop personnel requirements for third-party assurance.
- Develop a responsible, accountable, consulted, and informed (RACI) chart.
-
Establishing a uniform definition for likelihood and impact BEST enables an enterprise to:
- reduce risk appetite and tolerance levels.
- develop key risk indicators (KRIs).
- reduce variance in the assessment of risk.
- prioritize threat assessment.
-
Which of the following is the PRIMARY purpose of information governance?
- To ensure regulatory compliance is maintained while optimizing the utilization of information
- To set direction for information management capabilities through prioritization and decision making
- To develop control procedures that help ensure information is adequately protected throughout its life cycle
- To monitor the processes that deliver and enhance the value of information assets
-
Which of the following would be the PRIMARY impact on IT governance when a business strategy is changed?
- Relationship level with IT outsourcers
- Performance outcomes of IT objectives
- IT governance structure
- Maturity level of IT processes
-
Which of the following is the MOST important characteristic of a well-defined information architecture?
- It supports IT strategic goals.
- It addresses key stakeholder requirements.
- It enables achievement of service level agreements (SLAs).
- It ensures compliance with regulations.
-
In a large enterprise, which of the following is the MOST effective way to understand the business activities associated with the enterprise’s information architecture?
- Aligning business objectives to organizational strategy
- Reviewing IT design with business process managers
- Reviewing business strategy with senior management
- Mapping business processes within a framework
-
Which of the following should be the MOST important consideration for a hospital planning to use cloud services and mobile applications?
- Acceptable use policy
- Internet connectivity
- Data classification
- Privacy requirements