CGEIT Online Practice Questions and Answers

Which of the following is the MOST effective means for IT management to report to executive management regarding the value of IT?

A. IT process maturity level

B. Cost-benefit analysis

C. Resource assessment

D. Balanced scorecard

Which of the following is the GREATEST benefit of using a quantitative nsk assessment method?

A. It uses resources more efficiently

B. It can be used to assess risks against non-tangible assets

C. It reduces subjectivity

D. It helps in prioritizing risk response action plans

A new and expanding enterprise has recently received a report indicating 90% of its data has been collected in just the last six months, triggering data breach and privacy concerns. What should be the IT steering committee's FIRST course of action to ensure new data is managed effectively?

A. Mitigate and track data-related issues and risks.

B. Modify legal and regulatory data requirements.

C. Define data protection and privacy practices.

D. Assess the information governance framework.

To enable the development of required IT skill sets for the enterprise, it is MOST important to define skill requirements based on:

A. training needs.

B. one set of skills applicable to all IT staff.

C. a best practices framework.

D. each role within the IT department.

An enterprise's internal audit group has scheduled a control review of a payroll system project but has been told to wait until the system is implemented. Which of the following is the GREATEST risk associated with the delay?

A. delay in the development of new key performance indicators (KPIs)

B. Continued dependency on compliant legacy systems

C. Increased cost to mitigate deficiencies

D. Lack of adherence to industry best practices

A large organization with branches across many countries is in the midst of an enterprise resource planning (ERP) transformation. The IT organization receives news that the branches in a country where the impact to the enterprise is to be greatest are being sold. What should be the NEXT step?

A. Update the ERP business case and re-evaluate the ROI.

B. Cancel the ERP transformation and re-allocate project funds.

C. Adjust the ERP implementation plan and budget.

D. Continue with the ERP migration according to plan.

The use of an enterprise architecture (EA) framework BEST supports IT governance by providing:

A. key information for IT service level management.

B. reference models to align IT with business.

C. IT standards for application development

D. business information for IT capacity planning.

Due to the recent introduction of personal data protection regulations, an enterprise is required to maintain its employee data in production systems only for a limited time. Which of the following is MOST important to review?

A. Asset retention policies

B. Information retention policies

C. Data archival policies

D. Data backup and restoration policies

A multinational enterprise is planning to migrate to cloud-based systems. Which of the following should be of MOST concern to the risk management committee?

A. Cost considerations

B. Regulatory compliance

C. Resource alignment

D. Security breaches

A regulatory audit assessed an enterprise's main transactional application as noncompliant. In addition to fines and required corrections, an agreement was reached to implement a set of governance controls over IT. Accountability for these controls is BEST assigned to which of the following?

A. CIO

B. Internal audit director

C. Application users

D. The board of directors