Isaca CISA Certification CGEIT Questions & Answers

• Question 451:

  A company is considering selling products online, and the CIO has been asked to advise the board of directors of potential problems with this strategy. Which of the following is the ClO's BEST course of action?

  A. Review the security framework.

  B. Conduct a return on investment (ROI) analysis.

  C. Review the enterprise architecture (EA).

  D. Perform a risk assessment.

  Correct Answer: D

• Question 452:

  In an enterprise that has worldwide business units and a centralized financial control model, which of the following is a barrier to strategic alignment of business and IT?

  A. Each business unit has its own steering committee for IT investment and prioritization.

  B. Uniform portfolio management is in place throughout the business units.

  C. IT is the exclusive provider of IT services to the business units.

  D. The enterprise's CIO is a member of the executive committee.

  Correct Answer: A

• Question 453:

  Which of the following should be established FIRST so that data owners can consistently assess the level of data protection needed across the enterprise?

  A. Data encryption program

  B. Data risk management program

  C. Data retention policy

  D. Data classification policy

  Correct Answer: D

• Question 454:

  Which of the following is the MOST effective way for a CIO to govern business unit deployment of shadow IT applications in a cloud environment?

  A. Implement controls to block the installation of unapproved applications.

  B. Educate the executive team about the risk associated with shadow IT applications.

  C. Provide training to the help desk to identify shadow IT applications.

  D. Review and update the application implementation process.

  Correct Answer: B

• Question 455:

  Which of the following should be done FIRST when defining responsibilities for ownership of information and systems?

  A. Require an information risk assessment.

  B. Identify systems that are outsourced.

  C. Ensure information is classified.

  D. Require an inventory of information assets.

  Correct Answer: D

• Question 456:

  Val IT is a suite of documents that provide a framework for the governance of IT investments, produced by the IT Governance Institute (ITGI). It is a formal statement of principles and processes for IT portfolio management. Drag and drop the correct domain ('Portfolio management') next to the IT processes defined by Val IT.

  Select and Place:

  

  Correct Answer:

  

• Question 457:

  Drag and drop the various architecture domains for TOGAF at the appropriate places.

  Select and Place:

  

  Correct Answer:

  

• Question 458:

  The Information Technology Infrastructure Library (ITIL) is a set of concepts and policies for managing information technology (IT) infrastructure, development, and operations. Drag and drop the ITIL processes that focus on service operation,

  i.e. operational processes in Service Support, in the correct places.

  Select and Place:

  

  Correct Answer:

  

• Question 459:

  The Information Technology Infrastructure Library (ITIL) is a set of concepts and policies for managing information technology (IT) infrastructure, development, and operations. Drag and drop the ITIL processes that focus on service planning,

  i.e. tactical processes in Service Delivery, in the correct places.

  Select and Place:

  

  Correct Answer:

  

• Question 460:

  Choose and reorder the steps required in the development of business case.

  Select and Place:

  

  Correct Answer: