CGEIT exam

To reduce the risk of reputational damage through inappropriate use of social media by employees outside of the workplace, the enterprise approach regarding social media should PRIMARILY focus on;A . implementing preventative controls.B . developing policies on social media.C . implementing a review of processes utilizing social media.D . ensuring...

Which of the following is the MOST comprehensive method to report on overall IT performance to the board of directors?A . Balanced scorecardB . Net present value (NPV)C . Performance-based paymentsD . Return on investment (ROI)View AnswerAnswer: A

The BEST way for a CIO to monitor the alignment between the business and IT strategy is to regularly reviewA . key risk indicators (KRIs)B . IT services supporting business processesC . the balanced scorecardD . the risk registerView AnswerAnswer: B

Following a strategic planning session, new IT objectives were announced . Which of the following is the MOST effective way for the CIO to ensure these objectives are cascaded to IT personnel?A . Communicate the new IT objectives during a staff meeting.B . Define individual performance measures related to the...

Which of the following would be MOST helpful to an enterprise that wants to standardize how sensitive corporate data is handled?A . Information classification frameworkB . Enterprise risk policyC . Enterprise risk management (ERM) frameworkD . Information security policyView AnswerAnswer: C

Which of the following would be MOST useful for prioritizing IT improvement initiatives to achieve desired business outcomes?A . Budget variance analysisB . Enterprise architecture (EA)C . IT skills matrixD . Portfolio managementView AnswerAnswer: D

An IT audit report indicates that a lack of IT employee risk awareness is creating serious security issues in application design and configuration . Which of the following would be the BEST key risk indicator (KRI) to show progress in IT employee behavior?A . Number of IT employees attending security...

An IT steering committee is preparing to review proposals for projects that implement emerging technologies. In anticipation of the review, the committee should FIRST:A . determine if the IT staff can support the emerging technologies.B . understand how the emerging technologies will influence risk across the enterprise.C . require a...

The CIO of a large enterprise has taken the necessary steps to align IT objectives with business objectives . What is the BEST way for the CIO to ensure these objectives are delivered effectively by IT staff?A . Map the IT objectives to an industry-accepted framework.B . Enhance Ihe budget...

An IT steering committee wants to select a disaster recovery site based on available nsk data. Which of the following would BE ST enable the mapping of cost to risk?A . Key risk indicators (KRIs)B . Scenario-based assessmentC . Business impact analysis (BIA)D . Qualitative forecastingView AnswerAnswer: B