Exam Details

  • Exam Code: CGEIT
  • Exam Name: Certified in the Governance of Enterprise IT
  • Certification: CISA Certification
  • Vendor: Isaca
  • Total Questions: 455 Q&As
  • Last Updated: May 10, 2024

Isaca CISA Certification CGEIT Questions & Answers

  • Question 11:

    You work as a project manager for the TYU project. You are planning for risk mitigation. You need to identify the risks that will need a more in-depth analysis. Which of the following activities will help you in this?

    A. Estimate activity duration

    B. Quantitative analysis

    C. Qualitative analysis

    D. Risk identification

  • Question 12:

    Which of the following individuals provide the funding and want to see the return on their investment and strategic alignment with their strategic objectives?

    A. Compliance officers

    B. Internal auditors

    C. Business partners

    D. Product suppliers

  • Question 13:

    A business unit within an enterprise has directly contracted with a cloud service provider to process sensitive customer information. The CIO later identifies a serious risk of potential data compromise due to the vendor's insufficient segregation of environments and lack of strong access controls. The FIRST course of action should be to:

    A. immediately suspend sending of data to the cloud service provider.

    B. notify internal audit of the risk.

    C. discuss the risk with the vendor to determine mitigation actions.

    D. inform the business process owner of the risk.

  • Question 14:

    A CEO of a large enterprise is concerned that risk events are not regularly addressed at the C-suite level unless related to emergency incidents. Which of the following is the BEST way for the CEO to ensure risk events are given sufficient time and attention?

    A. Instruct managers to take ownership for their department's identified risks.

    B. Issue performance objectives that target the elimination of enterprise risks.

    C. Include the discussion of key enterprise risk as an agenda item at board meetings.

    D. Require the development of a risk procedure on how to capture risks.

  • Question 15:

    A regulatory audit of an IT department has identified discrepancies between processes described in the procedures and what is actually done by system administrators. The discrepancies were caused by recent IT application changes. Which of the following would be the BEST way to prevent the recurrence of similar findings in the future?

    A. Include the update of documentation within the change management framework.

    B. Assign the responsibility for periodic revisions and changes to process owners.

    C. Require each IT employee to confirm compliance with IT procedures on an annual basis.

    D. Establish high-level procedures to minimize process changes.

  • Question 16:

    To support the enterprise's digital transformation, the CIO has been asked to include an Internet of Things (IoT) component in the IT strategy. Which of the following should be the FIRST consideration?

    A. Ensuring IoT usage in the industry has been analyzed

    B. Ensuring IoT can be used in current revenue streams

    C. Ensuring solution providers and their IoT use cases have been researched

    D. Ensuring initial approvals are limited to small IoT projects to gain experience

  • Question 17:

    The BEST way to determine the effectiveness of an enterprise's IT governance framework is by assessing the:

    A. value of IT contribution.

    B. maturity of IT processes.

    C. application of IT standards.

    D. compliance to IT policy.

  • Question 18:

    An enterprise is implementing its FIRST mobile sales channel. Final approval for accepting the associated IT risk should be obtained from which of the following?

    A. IT steering committee

    B. Chief information officer

    C. Business sponsor

    D. Risk manager

  • Question 19:

    Which of the following issues identified during an IT review is MOST important to address to improve the alignment between the business and IT?

    A. Services in the IT portfolio are not traceable to the IT strategy.

    B. IT strategy reviews are conducted only after business strategy changes.

    C. Business satisfaction surveys are not conducted regularly.

    D. IT dashboards have not been established.

  • Question 20:

    When establishing a methodology for business cases, it would be MOST beneficial for an enterprise to include procedures for:

    A. addressing required changes outside the business case.

    B. updating the business case throughout its life cycle.

    C. identifying metrics post-implementation to measure project success.

    D. entering the business case into the enterprise architecture.

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them when you apply for a job. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only Isaca exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your CGEIT exam preparation or Isaca certification application, do not hesitate to visit Vcedump.com to find your solutions.