An enterprise is planning a change in business direction. As a result, IT risk will significantly increase. Which of the following should be the CIO's FIRST course of action?

A. Plan for the corresponding IT reorganization.
B. Recommend delaying the business change.
C. Report the risk to executive management.
D. Implement IT changes to align with the plan.

A regulatory audit assessed an enterprise's main transactional application as noncompliant. In addition to fines and required corrections, an agreement was reached to implement a set of governance controls over IT. Accountability for these controls is BEST assigned to which of the following?

A. Internal audit director
B. CIO
C. The board of directors
D. Application users

An enterprise has discovered that there is significant duplication of IT investments. Which of the following would be MOST helpful in addressing this issue?

A. Establishing an IT steering committee
B. Delegating IT investment decisions to centralized IT
C. Maintaining an inventory of IT investments
D. Increasing the frequency of IT investment audits

An internal auditor conducts an assessment of a two-year-old IT risk management program. Which of the following findings should be of MOST concern to the CIO?

A. Organizational responsibility for IT risk management is not clearly defined.
B. IT risk training records are not properly retained in accordance with established schedules.
C. None of the members of the IT risk management team have risk management-related certifications.
D. Only a few key risk indicators identified by the IT risk management team are being monitored and the rest will be on a phased schedule.

Which of the following is the BEST method to monitor IT governance effectiveness?

A. Service level management
B. Balanced scorecard
C. Risk control self-assessment
D. Strengths, weaknesses, opportunities, and threats (SWOT) analysis

Which of the following should be the PRIMARY consideration when implementing IT governance in a small, newly established organization?

A. Approving enterprise architecture and standards
B. Defining IT project management methodology
C. Assigning a budget for IT governance applications
D. Assigning IT roles and responsibilities

Which of the following BEST defines the IT investment activities an enterprise will undertake when aligning to business goals?

A. Portfolio management
B. Procurement management
C. Project management
D. Risk management

Portfolio management in a large enterprise BEST enables which of the following?

A. Performance management
B. Risk reduction
C. Value creation
D. Human resource optimization

The CEO of a large enterprise has announced the commencement of a major business expansion that will double the size of the organization. IT will need to support the expected demand expansion. The CIO should FIRST:

A. update the IT strategic plan to align with the decision.
B. recruit IT resources based on the expansion decision.
C. review the resource utilization matrix.
D. embed IT personnel in the business units.

Senior management finds that too many projects are currently in-progress and all are experiencing expensive project overruns due to lack of resources. Many of the projects also appear to overlap in their objectives and expected outcomes. Which of the following would BEST streamline the process of evaluating and selecting funding priorities?

A. Portfolio management
B. Value governance
C. Project management
D. Business case development