CGEIT exam

Which of the following would be MOST important to update if a decision is made to ban end user-owned devices in the workplace?A . Employee nondisclosure agreementB . Enterprise risk appetite statementC . Enterprise acceptable use policyD . Orientation training materialsView AnswerAnswer: C

The IT program manager does not see the value of conducting risk assessments for a new major IT project. The manager is reluctant to cooperate with internal auditors and the newly formed steering committee. Midway through the project, program requirements were changed because the CEO is a friend of a...

An enterprise considering implementing IT governance should FIRST develop the scope of the IT governance program and:A . initiate the program using an implementation roadmap.B . establish initiatives for business and managers.C . acquire the resources that will be required.D . communicate the program to stakeholders to gain consensus.View AnswerAnswer:...

A regulatory audit assessed an enterprise's main transactional application as noncompliant. In addition to fines and required corrections, an agreement was reached to implement a set of governance controls over IT. Accountability for these controls is BEST assigned to which of the following?A . CIOB . Internal audit directorC ....

Which of the following is the BEST method for making a strategic decision to invest in cloud services?A . Prepare a business case.B . Prepare a request for information (RFI),C . Benchmarking.D . Define a balanced scorecard.View AnswerAnswer: A

Of the following, who should be responsible for ensuring the regular review of quality management performance against defined quality metrics?A . Process ownersB . Risk management teamC . Internal auditorsD . Executive managementView AnswerAnswer: A

In a large enterprise, which of The following is the MOST effective way to understand the business activities associated with the enterprise's information architecture?A . Reviewing IT design with business process managersB . Reviewing business strategy with senior managementC . Mapping business processes within a frameworkD . Aligning business objectives...

A CIO must determine if IT staff have adequate skills to deliver on key strategic objectives. Which of the following will provide the MOST useful information?A . Employee performance metricsB . Project risk reportsC . Gap analysis resultsD . Training program statisticsView AnswerAnswer: C

Best practice states that IT governance MUST:A . enforce consistent policy across the enterprise.B . be applied in the same manner throughout the enterprise.C . apply consistent target levels of maturity to processes.D . be a component of enterprise governance.View AnswerAnswer: D

An enterprise can BEST assess the benefits of a new IT project through its life cycle by:A . calculation of the total cost of ownership.B . periodic review of the business case.C . periodic measurement of the project slip rate.D . calculation of the net present value (NPV).View AnswerAnswer: A