
PDF Download Free of CGEIT Valid Practice Test Questions
CGEIT Test Engine files, CGEIT Dumps PDF
NEW QUESTION 158
What stakeholder(s) must participate in the document elicitation result?
- A. Business analyst
- B. Business analyst and the key stakeholders
- C. Business analyst and the business owner
- D. Business analyst, business analysis team, and the key stakeholders
Answer: A
NEW QUESTION 159
Beth is an HR Professional for her organization and she's been alerted by management that the company will be outsourcing a large portion of operations. This outsourcing will likely cause several employees to lose employment with the organization. Which of the following is the best course of action that Beth can take in regard to communicating with the employees about the outsourcing change?
- A. Don't share the details of the outsourcing decision.
- B. Refer all
- C. Be honest and truthful and do not hide the facts.
- D. Document all
Answer: C
NEW QUESTION 160
A project team member has just identified a new project risk. The risk event is determined to have significant impact but a low probability in the project. Should the risk event happen it'll cause the project to be delayed by three weeks, which will cause new risk in the project. What should the project manager do with the risk event?
- A. Add the identified risk to a quality control management control chart.
- B. Add the identified risk to the risk register.
- C. Add the identified risk to the issues log.
- D. Add the identified risk to the low-level risk watchlist.
Answer: B
NEW QUESTION 161
How does an enterprise benefit from implementing a set of key risk indicators (KRIs)?
- A. Risk exposures are monitored to ensure they remain within risk appetite.
- B. The need for a formal risk and control assessment program is eliminated.
- C. The set of KRIs remains relevant over time.
- D. The frequency of risk data gathering and reporting is minimized.
Answer: A
Explanation:
Explanation/Reference: https://www.metricstream.com/insights/Key-Risk-indicators-ERM.htm
NEW QUESTION 162
An enterprise is concerned with the potential for data leakage as a result of increased use of social media in the workplace, and wishes to establish a social media strategy. Which of the following should be the MOST important consideration in developing this strategy?
- A. Criticality of the information
- B. The balance between business benefits and risk
- C. Data ownership
- D. Ensuring that the enterprise architecture (EA) is updated
Answer: B
NEW QUESTION 163
A large financial institution is considering outsourcing customer call center operations which will allow the chosen vendor to access systems from offshore locations. Which of the following represents the GREATEST risk?
- A. Lack of network availability
- B. Inadequate business continuity planning
- C. Loss of data confidentiality
- D. Inconsistent customer service and reporting
Answer: C
NEW QUESTION 164
Which types of project tends to have more well-understood risks?
- A. State-of-art technology projects
- B. First-of-its kind technology projects
- C. Recurrent projects
- D. Operational work projects
Answer: C
NEW QUESTION 165
Senior management wants to promote investment in IT, but is uncertain that associated risks are being properly identified. The BEST way to address this concern is to:
- A. appoint an IT representative to the business risk committee.
- B. assign an IT cost controller to the finance department.
- C. engage an external consultant to develop risk scenarios.
- D. ensure business cases are developed by IT.
Answer: D
NEW QUESTION 166
Which of the following domains of CGEIT aims to guarantee that the IT enables and supports the achievement of business objectives through the integration of IT strategic plans with business strategic plans and the alignment of IT services with enterprise operations?
- A. IT Governance Framework
- B. Strategic Alignment
- C. Value Delivery
- D. Risk Management
Answer: B
NEW QUESTION 167
Following a strategic planning session, new IT objectives were announced. Which of the following is the MOST effective way for the CIO to ensure these objectives are cascaded to IT personnel?
- A. Define individual performance measures related to the IT objectives.
- B. Update the IT balanced scorecard to align with the new IT objectives.
- C. Establish IT management's performance measures based on the IT objectives.
- D. Communicate the new IT objectives during a staff meeting.
Answer: A
NEW QUESTION 168
An IT audit reveals inconsistent maintenance of data privacy in enterprise systems primarily due to a lack of data sensitivity categorizations. Once the categorizations are defined, what is the BEST long-term strategic response by IT governance to address this problem?
- A. Incorporate enterprise privacy categorizations into contracts.
- B. Require business impact analyses (BIAs) for enterprise systems.
- C. Standardize data classification processes throughout the enterprise.
- D. Reassess the data governance policy.
Answer: C
NEW QUESTION 169
When defining an enterprise governance framework, the PRIMARY determination of the degree to which the framework is principle-based or policy-based is:
- A. IT process maturity.
- B. enterprise architecture framework.
- C. organizational decision-making style.
- D. organizational structure.
Answer: D
Explanation:
Explanation/Reference: https://www.isaca.org/resources/isaca-journal/past-issues/2013/it-policy-framework-based-on-cobit-
5
NEW QUESTION 170
In which of the following phases of the SDLC does the software and other components of the system faithfully incorporate the design specifications and provide proper documentation and training?
- A. Design
- B. Evaluation and acceptance
- C. Programming and training
- D. Initiation
Answer: C
NEW QUESTION 171
Which of the following stages of the Forrester's IT Governance Maturity Model describes that the IT governance processes are applied across the enterprise where all business units/entities conform to the same set of IT governance processes, and IT investment decisions are based on the enterprise view?
- A. Stage 3-Consistent
- B. Stage 2-Fragmented
- C. Stage 4-Best practices
- D. Stage 1-Ad hoc
Answer: A
NEW QUESTION 172
Senior leadership is concerned about a recent trend of excessive exceptions to existing controls. Which of the following should be implemented to address this concern?
- A. A control library
- B. Independent audits
- C. Continuous monitoring
- D. Risk awareness training
Answer: C
NEW QUESTION 173
The PRIMARY objective of promoting business ethics within the IT enterprise should be to ensure:
- A. corporate social responsibility.
- B. legal and regulatory compliance.
- C. trust among internal and external stakeholders.
- D. employees act more responsibly.
Answer: C
NEW QUESTION 174
Which of the following are the roles of a CIO in the Resource management framework?
Each correct answer represents a complete solution. Choose all that apply.
- A. Establishes business priorities & allocates resources for IT performance.
- B. Provides IT infrastructure to facilitate knowledge & information creation/sharing.
- C. Standardizes architecture & technology.
- D. Defines value creation roles within IT.
Answer: B,C,D
NEW QUESTION 175
Which of the following guides provides guidance on how COBIT is useful in supporting a variety of assurance tasks, along with the recommended testing steps that are aligned with the control practices?
- A. IT control for Sarbanes Oxley guide
- B. IT control objectives for Basel II guide
- C. COBIT control practices guide
- D. IT assurance guide
Answer: D
NEW QUESTION 176
Which of the following terms related to risk management represents the estimated frequency at which a threat is expected to occur?
- A. Annualized Rate of Occurrence (ARO)
- B. Single Loss Expectancy (SLE)
- C. Exposure Factor (EF)
- D. Safeguard
Answer: A
Explanation:
Section: Volume B
NEW QUESTION 177
Who is PRIMARILY accountable for delivering the benefits of an IT-enabled investment program to the enterprise?
- A. Business sponsor
- B. Program manager
- C. IT steering committee chair
- D. CIO
Answer: D
NEW QUESTION 178
Which of the following would provide the BEST input for prioritizing strategic IT improvement initiatives?
- A. Business impact analysis (BIA)
- B. Business process analysis
- C. Business case evaluation
- D. Business dependency assessment
Answer: A
NEW QUESTION 179
Ben is the project manager of the CMH Project for his organization. He has identified a risk that has a low probability of happening, but the impact of the risk event could save the project and the organization with a significant amount of capital. Ben assigns Laura to the risk event and instructs her to research the time, cost, and method to improve the probability of the positive risk event. Ben then communicates the risk event and response to management. What risk response has been used here?
- A. Sharing
- B. Transference
- C. Exploit
- D. Enhance
Answer: D
NEW QUESTION 180
What is the PRIMARY objective for performing an IT due diligence review prior to the acquisition of a competitor?
- A. Ensure that the competitor understands significant IT risks.
- B. Determine whether the competitor is using industry-accepted practices.
- C. Assess the status of the risk profile of the competitor.
- D. Document the competitor's governance structure.
Answer: C
NEW QUESTION 181
An enterprise's information security function is making changes to its data retention and backup policies. Which of the following presents the GREATEST risk?
- A. The retention period for data backups is Increased.
- B. Business data owners were not consulted.
- C. Data backups will be hosted at third-party locations.
- D. The new policies Increase the cost of data backups.
Answer: B
NEW QUESTION 182
......
Pass Your Isaca Certificaton CGEIT Exam on Dec 19, 2021 with 409 Questions: https://www.prep4away.com/ISACA-certification/braindumps.CGEIT.ete.file.html
Latest ISACA CGEIT PDF and Dumps (2021) Free Exam Questions Answers: https://drive.google.com/open?id=1trsroAyDFtoELphLV55ZgC6twvEk6hsR