Certified in the Governance of Enterprise IT v1.0 (CGEIT)

Page:    1 / 16   
Total 230 questions

An enterprise's board of directors can BEST manage enterprise risk by:

  • A. mandating board-approved enterprise risk management (ERM) modifications.
  • B. requiring the establishment of an enterprise-wide program management office.
  • C. ensuring the cost-effectiveness of the internal control system.
  • D. requiring the establishment of an enterprise risk management (ERM) framework.


Answer : D

Reference:
https://www.coso.org/documents/COSOBoardsERM4pager-FINALRELEASEVERSION82409_001.pdf

An IT investment review board wants to ensure that IT will be able to support business initiatives. Each initiative is comprised of several interrelated IT projects.
Which of the following would help ensure that the initiatives meet their goals?

  • A. Verification of initiatives against the architecture
  • B. Review of the business case for each initiative
  • C. Establishment of portfolio management
  • D. Review of project management methodology


Answer : C

Reference:
https://www.pmi.org/learning/library/proven-project-portfolio-management-process-8503

Which of the following is MOST critical to support IT governance cultural changes within an organization?

  • A. IT governance process manuals
  • B. Regularly scheduled governance training
  • C. Demonstrated management commitment
  • D. Established IT monitoring and measuring


Answer : D

An enterprise has decided to use third-party software for a business process which is hosted and supported by the same third party. The BEST way to provide quality of service oversight would be to establish a process:

  • A. to qualify service providers.
  • B. for enterprise architecture updates.
  • C. for robust change management.
  • D. for periodic service provider audits.


Answer : A

In a successful enterprise that is profitable in its marketplace and consistently growing in size, the non-IT workforce has grown by 50% in the last two years. The demand for IT staff in the marketplace is more than the supply, and the enterprise is losing staff to rival organizations. Due to the rapid growth, IT has struggled to keep up with the enterprise, and IT procedures and associated job roles are not well-defined. The MOST critical activity for reducing the impact caused by IT staff turnover is to:

  • A. outsource the IT operation.
  • B. increase compensation for IT staff.
  • C. hire temporary staff.
  • D. document processes and procedures.


Answer : D

A business has outsourced IT operations to several third-party providers, but service level agreements (SLAs) are not clearly defined in all cases. Which of the following is the GREATEST risk to the business?

  • A. Third parties could provide overlapping services.
  • B. Quality of services is not enforceable.
  • C. The scope of work is not clearly defined.
  • D. Costs are not measurable.


Answer : B

A large enterprise has been experiencing high turnover of skilled IT personnel, resulting in a significant loss of knowledge within the IT department. Which of the following should be done FIRST to address this problem?

  • A. Conduct a survey of current IT staff.
  • B. Revise the IT resource management plan.
  • C. Update human resources policies and practices.
  • D. Develop an incentive scheme for IT employees.


Answer : A

A newly established IT steering committee is concerned whether or not a system is meeting availability objectives. Which of the following will provide the BEST information to make an assessment?

  • A. Critical success factors
  • B. Balanced scorecard
  • C. Performance indicators
  • D. Capability maturity levels


Answer : D

Following a major IT incident that resulted in a loss to the enterprise, a CIO is preparing for a meeting with the board of directors to discuss what may have failed internally. Which of the following should the CIO do FIRST to provide assurance to the board?

  • A. Review the IT control environment.
  • B. Ensure IT and enterprise risk management alignment.
  • C. Review the incident response policy.
  • D. Verify continuous monitoring is being performed.


Answer : B

A newly appointed CIO has issued a new IT strategic plan. Which of the following would be the MOST effective way for the CIO to ensure the IT management team is held accountable for the delivery of the plan?

  • A. Provide management training on IT strategic objectives.
  • B. Revise the managers' performance goals to include key objectives.
  • C. Enforce disciplinary action for managers if the plan is not delivered.
  • D. Update the IT balanced scorecard with key objectives.


Answer : B

Which of the following is the PRIMARY ongoing responsibility of the IT governance function related to risk?

  • A. Responding to and controlling all IT risk events
  • B. Verifying that all business units have staff skilled at assessing risk
  • C. Communicating the enterprise risk management plan
  • D. Ensuring IT risk management is aligned with business risk appetite


Answer : C

Which of the following is the BEST outcome measure to determine the effectiveness of IT risk management processes?

  • A. Time lag between when IT risk is identified and the enterprise's response
  • B. Percentage of business users satisfied with the quality of risk training
  • C. Frequency of updates to the IT risk register
  • D. Number of events impacting business processes due to delays in responding to risks


Answer : A

The BEST way for a CIO to monitor the alignment between the business and IT strategy is to regularly review:

  • A. IT services supporting business processes.
  • B. the balanced scorecard.
  • C. key risk indicators (KRIs).
  • D. the risk register.


Answer : A

Which of the following is PRIMARILY achieved through performance measurement?

  • A. Process improvement
  • B. Benefit realization
  • C. Cost efficiency
  • D. Transparency


Answer : A

While assessing the feasibility of introducing new IT practices and standards into the IT governance framework, it is CRITICAL to understand an organization's:

  • A. maturity of IT processes.
  • B. culture.
  • C. enterprise architecture.
  • D. level of outsourcing.


Answer : C
