Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!

CGEITFree trial

By isaca

Verified

25Q per page

Question 26

Before establishing IT key risk indicators, which of the following should be defined FIRST?

A: IT risk and security framework
B: IT key performance indicators
C: IT goals and objectives
D: IT resource strategy

—

Question 27

Which of the following should be the FIRST step for executive management to take in communicating what is considered acceptable use with regard to personally owned devices for company business?

A: Post awareness messages throughout the facility.
B: Develop and disseminate an applicable policy.
C: Provide training on how to protect data on personal devices.
D: Require employees to read and sign a disclaimer.

—

Question 28

An enterprise's strategic change requires an IT strategic initiative re-evaluation. Which of the following BEST indicates that an established IT governance framework could handle the re-evaluation?

A: Creation of an IT steering committee to align the IT strategic initiatives to the recent change
B: Inclusion of IT portfolio management procedures with strategic change review activities
C: Development of a business case to evaluate the impact of the strategic change
D: Holding IT investments until an analysis of the strategic change impact was complete

—

Question 29

Which of the following BEST indicates that a change management process has been implemented successfully?

A: Degree of control
B: Outcome measures
C: Process performance
D: Maturity levels

—

Question 30

To meet the growing demands of a newly established business unit, IT senior management has been tasked with changing the current IT organization model to service-oriented. With significant growth expected of the IT organization, which of the following is the MOST important consideration when planning for long-term
IT service delivery?

A: The IT organization is able to sustain business requirements.
B: IT is able to provide a comprehensive service catalog to the business.
C: The IT service delivery model is approved by the business.
D: An IT risk management process is in place.

—

Question 31

Which of the following would be the BEST way for an enterprise to address new legal and regulatory requirements applicable to IT?

A: Benchmark how other IT organizations are treating the new requirements.
B: Adopt a zero-tolerance approach for noncompliance with regulatory matters.
C: Treat as a risk to be assessed before developing a response.
D: Use a cost-benefit analysis to determine if compliance is warranted.

—

Question 32

Which of the following BEST enables the alignment of IT and enterprise strategy?

A: Project portfolio management
B: IT resource planning
C: IT performance monitoring and reporting
D: Enterprise compliance audits

—

Question 33

Which of the following would provide the BEST input for prioritizing strategic IT improvement initiatives?

A: Business case evaluation
B: Business process analysis
C: Business impact analysis
D: Business dependency assessment

—

Question 34

An enterprise has decided to utilize a cloud vendor for the first time to provide email as a service, eliminating in-house email capabilities. Which of the following IT strategic actions should be triggered by this decision?

A: Update and communicate data storage and transmission policies.
B: Develop a data protection awareness education training program.
C: Monitor outgoing email traffic for malware.
D: Implement a data classification and storage management tool.

—

Question 35

Which of the following is the BEST IT architecture concept to ensure consistency, interoperability, and agility for infrastructure capabilities?

A: Establishment of an IT steering committee
B: Standards-based reference architecture and design specifications
C: Design of policies and procedures
D: Establishment of standard vendor and technology designations

—

Question 36

An enterprise is implementing its FIRST mobile sales channel. Final approval for accepting the associated IT risk should be obtained from which of the following?

A: IT steering committee
B: Chief information officer
C: Business sponsor
D: Risk manager

—

Question 37

Who should be accountable for quantifying the business impact of a potential breach of a server containing retail transactions for the last year?

A: Information systems security officer
B: Head of retail
C: Chief risk officer
D: Chief information officer

—

Question 38

The use of an enterprise architecture framework BEST supports IT governance by providing:

A: key information for IT service level management.
B: IT standards for application development.
C: business information for IT capacity planning.
D: reference models to align IT with business.

—

Question 39

Which of the following is the MOST appropriate mechanism for measuring overall IT organizational performance?

A: IT balanced scorecard
B: Service level metrics
C: Maturity model
D: IT portfolio return on investment

—

Question 40

The PRIMARY reason for periodically evaluating IT resource staffing requirements is to:

A: ensure the enterprise has sufficient resources to address changing business and IT needs.
B: ascertain the IT function has sufficient skilled staff to maintain daily operations.
C: verify that human resource recruitment and retention processes meet enterprise IT objectives.
D: confirm IT-related responsibilities are defined for the enterprise's business and IT staff.

—

Question 41

A CEO wants to establish a governance framework to facilitate the alignment of IT and business strategies. Which of the following should be a KEY requirement of this framework?

A: A service delivery strategy
B: Defined resourcing levels
C: A defined enterprise architecture
D: An outsourcing strategy

—

Question 42

Which of the following is MOST critical for sustaining a newly implemented IT governance program?

A: Launch an enterprise-wide IT governance awareness program.
B: Designate a board representative to sponsor the IT governance program.
C: Ensure that there are IT policies, procedures, and standards in place.
D: Benchmark the program periodically against industry peers.

—

Question 43

Reviewing which of the following should be the FIRST step when evaluating the possibility of outsourcing an IT system?

A: Outsourcing strategy
B: IT staff skill sets
C: Outsourced business processes
D: Service level agreements (SLAs)

—

Question 44

Which of the following should be the PRIMARY goal of implementing service level agreements (SLAs) with an outsourcing vendor?

A: Establishing penalties for not meeting service levels
B: Complying with regulatory requirements
C: Achieving operational objectives
D: Gaining a competitive advantage

—

Question 45

Of the following, the BEST response to the absence of a data security breach notification by a service provider is to contractually require that:

A: security incidents identified by the provider be reported.
B: security related key performance indicators be included in all service level agreements.
C: security incident information be shared only on a need-to-know basis.
D: a registry of all security breaches be maintained by the service provider.

—

Question 46

Which of the following should be the MOST essential consideration when outsourcing IT services?

A: Alignment with existing HR policies and practices
B: Adoption of a diverse vendor selection process
C: Identification of core and non-core business processes
D: Compliance with enterprise architecture

—

Question 47

A multinational enterprise is planning to migrate to cloud-based systems. Which of the following should be of MOST concern to the risk management committee?

A: Resource alignment
B: Security breaches
C: Regulatory compliance
D: Cost considerations

—

Question 48

In a large enterprise, which of the following should be responsible for the implementation of an IT balanced scorecard?

A: IT steering committee
B: Chief risk officer
C: Project management office
D: Chief information officer

—

Question 49

The approval of an enterprise risk management framework is the role of the:

A: chief information officer.
B: chief risk officer.
C: IT steering committee
D: board of directors.

—

Question 50

The BEST way to determine the effectiveness of an enterprise's IT governance framework is by assessing the:

A: value of IT contribution.
B: maturity of IT processes.
C: application of IT standards.
D: compliance to IT policy.

—

Page 2 of 15 • Questions 26-50 of 363

←

1 2 3 4 5

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!