Which of the following is the BEST way to ensure all enterprise employees understand the corporate code of business conduct?

A. Distribute a copy of the code and require a signature.
B. Conduct scheduled and random compliance audits.
C. Require external business activities be documented and reported.
D. Mandate annual ethics training that includes an exam.

Which of the following aspects of IT governance BEST addresses the potential intellectual property implications of a cloud service provider having a database in another country?

A. Data management
B. Contract management
C. Security architecture
D. Continuity planning

What is the BEST way for an IT governance board to establish standards of behavior for the adoption of artificial intelligence (AI)?

A. Include specific ethics clauses in vendor agreements and contracts.
B. Include ethics topics within onboarding and awareness training.
C. Review and update the data privacy policy to align with industry standards.
D. Direct the creation and approval of an ethical use policy.

An IT governance committee wants to ensure there is a clear description of the "data owner" in the enterprise data policy. Which of the following would BEST define the owner of data stored in an external cloud?

A. The contract manager who monitors the security of the cloud provider
B. The vendor who submits the data to the organization via online forms
C. The business leader who is most impacted by the loss of data
D. The risk manager who is responsible for protecting data stored in the cloud

A newly hired CIO has been told the enterprise has an established IT governance process, but finds it is not being followed. To address this problem, the CIO should FIRST:

A. gain an understanding of the existing governance process and corporate culture.
B. replace the current governance process with one the CIO has successfully used before.
C. establish personal relationships with executive-level peers to leverage goodwill.
D. engage audit to review current governance processes and validate the CIO's concerns.

An enterprise has developed a new digital strategy to improve fraud detection. Which of the following is MOST important to consider when updating the information architecture?

A. The business use cases supporting the digital strategy
B. Changes to the legacy business and data architectures
C. The history of fraud incidents and their root causes
D. Resource constraints related to implementing the digital strategy

Of the following, who is MOST appropriate to evaluate the potential benefits of an IT-enabled investment?

A. Business sponsor
B. Portfolio management officer
C. External IT auditor
D. Chief information officer

Which of the following BEST indicates the success of an enterprise's IT governance framework after implementation?

A. A high percentage of IT projects delivered on time and on budget
B. A high percentage of IT investments delivering expected benefits
C. A high percentage of IT systems complying with corporate information security standards
D. A high percentage of business owners involved with the approval of the IT strategic plan

Which of the following should be the PRIMARY goal of implementing an IT strategic planning process?

A. Optimizing IT resources to drive innovation
B. Determining benefits from IT deployments
C. Translating business needs into IT initiatives
D. Directing a business strategy to achieve goals

Which of the following should be done FIRST when defining responsibilities for ownership of information and systems?

A. Require an inventory of information assets.
B. Identify systems that are outsourced.
C. Require an information risk assessment.
D. Ensure information is classified.