CGEIT Certified in the Governance of Enterprise IT – Question331

Senior management is reviewing the results of a recent security incident with significant business impact. Which of the following findings should be of GREATEST concern?

A. Response efforts had to be outsourced due to insufficient internal resources.
B. Significant gaps are present in the incident documentation.
C. Response decisions were made without consulting the appropriate authority.
D. The incident was not logged in the ticketing system.

Correct Answer: B

CGEIT Certified in the Governance of Enterprise IT – Question330

An IT strategy committee wants to ensure that a risk program is successfully implemented throughout the enterprise. Which of the following would BEST support this goal?

A. Commitment from senior management
B. Mandatory risk awareness courses for staff
C. A risk management framework
D. A risk recognition and reporting policy

Correct Answer: A

CGEIT Certified in the Governance of Enterprise IT – Question329

When establishing an enterprise data model, the BEST way to ensure the integrity of data is to:

A. implement the highest level of protection to data across the enterprise.
B. classify information using an agreed-upon schema.
C. implement a data loss prevention (DLP) program.
D. establish a privileged access management platform.

Correct Answer: A

CGEIT Certified in the Governance of Enterprise IT – Question327

An enterprise is about to complete a major acquisition, and a decision has been made that both companies will be using the parent company's IT infrastructure. Which of the following should be done NEXT?

A. Develop a communication plan to support the merger.
B. Conduct a gap analysis.
C. Perform a business impact analysis (BIA).
D. Update the enterprise architecture (EA).

Correct Answer: C

CGEIT Certified in the Governance of Enterprise IT – Question326

Following a strategic planning session, new IT objectives were announced. Which of the following is the MOST effective way for the CIO to ensure these objectives are cascaded to IT personnel?

A. Update the IT balanced scorecard to align with the new IT objectives.
B. Establish IT management's performance measures based on the IT objectives.
C. Communicate the new IT objectives during a staff meeting.
D. Define individual performance measures related to the IT objectives.

Correct Answer: D

CGEIT Certified in the Governance of Enterprise IT – Question325

Which of the following would be of MOST concern regarding the effectiveness of risk management processes?

A. Risk management requirements are not included in performance reviews.
B. Key risk indicators (KRIs) are not established.
C. There is no framework to ensure effective reporting of risk events.
D. The plans and procedures are not updated on an annual basis.

Correct Answer: B

CGEIT Certified in the Governance of Enterprise IT – Question324

Which of the following provides the STRONGEST indication that IT governance is well established within an organizational culture?

A. IT governance defines how IT projects should be assessed.
B. Benefits of IT governance are realized throughout the organization.
C. There is awareness of IT metrics throughout the organization.
D. IT performance metrics are defined in the balanced scorecard.

Correct Answer: B

CGEIT Certified in the Governance of Enterprise IT – Question323

Which of the following is the MOST effective way to manage risks within the enterprise?

A. Make staff aware of the risks in their area and risk management techniques.
B. Provide financial resources for risk management systems.
C. Document procedures and reporting processes.
D. Assign individuals responsibilities and accountabilities for management of risks.

Correct Answer: D