CGEIT exam

An enterprise has decided to create its first mobile application. The IT director is concerned about the potential impact of this initiative . Which of the following is the MOST important input for managing the risk associated with this initiative?A . Enterprise architecture (EA)B . IT risk scorecardC . Enterprise...

A business is considering a policy to anonymize personal data in enterprise systems. Before making a decision, which of the following is MOST important for the IT steering committee to consider?A . Business impact analysis (BIA) resultsB . Regulatory requirementsC . Sustainability costs to the enterpriseD . Potential implementation barriersView...

Which of the following roles is accountable for the confidentiality integrity and availability of information within an enterprise?A . Risk managerB . Data ownerC . Lead legal counselD . Data custodianView AnswerAnswer: B

An enterprise's decision to move to a virtualized architecture will have the GREATEST impact on:A . system life cycle management.B . asset classification.C . vendor managementD . vulnerability management.View AnswerAnswer: D

An enterprise considers implementing a system that uses a technology that is not in line with its IT strategy. The business case indicates significant benefit to the enterprise . Which of the following is the BEST way to manage this situation within an IT governance framework?A . Update the IT...

A chief technology officer (CTO) wants to ensure IT governance practices adequately address risk management specific to mobile applications. To create the appropriate risk policies for IT, it is MOST important for the CTO to:A . understand the enterprise's risk tolerance.B . create an IT risk scorecard.C . map the...

Which of the following would be MOST important to update if a decision is made to ban end user-owned devices in the workplace?A . Employee nondisclosure agreementB . Enterprise risk appetite statementC . Enterprise acceptable use policyD . Orientation training materialsView AnswerAnswer: C

The board of directors of a large organization has directed IT senior management to improve IT governance within the organization. IT senior management's MOST important course of action should be to:A . understand the driver that led to a desire to change.B . assess the current slate of IT governance...

The CIO of an enterprise learns the payroll server of a competitor has been the victim of ransomware. To help plan for the possibility of ransomed corporate data, what should be the ClO's FIRST course of action?A . Require development of key risk indicators (KRls).B . Develop a policy to...

Which of the following should be the FIRST consideration for an enterprise faced with a pandemic situation resulting in a mandatory remote work environment?A . Reviewing and testing disaster recovery plans (DRPs)B . Ensuring staff has the necessary technology to be productiveC . Ensuring remote work policies are updated and...