Pass the Isaca Isaca Certification CGEIT Questions and answers with CertsForce

Viewing page 5 out of 14 pages
Viewing questions 61-75 out of questions
Questions # 61:

An enterprise's board of directors is concerned about the ongoing costs of a large inventory of Internet of Things (IoT) devices. Which of the following should the CIO do FIRST?

Options:

A. Implement performance measures for each IoT device

B. Suggest replacing IoT devices that are too expensive

C. Assess the benefits of IoT capabilities

D. Reduce the budget for IoT capability to meet stakeholder expectations


Questions # 62:

Which of the following is the MOST important consideration when integrating a new vendor with an enterprise resource planning (ERP) system?

Options:

A. IT senior management selects the vendor.

B. A vendor risk assessment is conducted

C. ERP data mapping is approved by the enterprise architect.

D. Procurement provides the terms of the contract.


Questions # 63:

An enterprise is required to implement several regulatory requirements. Which of the following functions is BEST suited to determine compliance priorities?

Options:

A. Legal counsel

B. The IT risk department

C. The audit department

D. Business units


Questions # 64:

Which of the following BEST enables an enterprise to determine an appropriate retention policy for its information assets?

Options:

A. Business and compliance requirements

B. Business storage and processing needs

C. Backup and restoration capabilities

D. External customer data retention requirements


Questions # 65:

An enterprise recently experienced a major breach that was escalated effectively. However, the recovery took far longer than expected, resulting in significant financial loss. Which of the following is MOST likely the root cause of this scenario?

Options:

A. Key performance indicators (KPIs) were not regularly monitored

B. The recovery point objective (RPO) was not established

C. The disaster recovery plan (DRP) was not routinely updated

D. The business continuity plan (BCP) was not recently tested


Questions # 66:

Which of the following should be considered FIRST when assessing the implications of new external regulations on IT compliance?

Options:

A. IT policies and procedures that need revision

B. Resource burden for implementation

C. Gaps in skills and experience of IT employees

D. Impact on contracts with service providers


Questions # 67:

Which of the following should be the MOST essential consideration when outsourcing IT services?

Options:

A. Identification of core and non-core business processes.

B. Compliance with enterprise architecture (EA).

C. Alignment with existing human resources (HR) policies and practices.

D. Adoption of a diverse vendor selection process.


Questions # 68:

Which of the following BEST provides an enterprise with greater insight into its environmental, social, and governance (ESG) metrics?

Options:

A. Audit committee oversight

B. Benchmarking against similar industries

C. Collaborative tools and approaches

D. Customer satisfaction surveys


Questions # 69:

A company is considering selling products online, and the CIO has been asked to advise the board of directors of potential problems with this strategy. Which of the following is the CIO's BEST course of action?

Options:

A. Review the security framework.

B. Conduct a return on investment (ROI) analysis.

C. Review the enterprise architecture (EA).

D. Perform a risk assessment.


Questions # 70:

A large organization with branches across many countries is in the midst of an enterprise resource planning (ERP) transformation. The IT organization receives news that the branches in a country where the impact to the enterprise is to be greatest are being sold. What should be the NEXT step?

Options:

A. Update the ERP business case and re-evaluate the ROI.

B. Cancel the ERP transformation and re-allocate project funds.

C. Adjust the ERP implementation plan and budget.

D. Continue with the ERP migration according to plan.


Questions # 71:

An IT audit reveals inconsistent maintenance of data privacy in enterprise systems primarily due to a lack of data sensitivity categorizations. Once the categorizations are defined, what is the BEST long-term strategic response by IT governance to address this problem?

Options:

A. Standardize data classification processes throughout the enterprise.

B. Incorporate enterprise privacy categorizations into contracts.

C. Require business impact analyses (BIAs) for enterprise systems.

D. Reassess the data governance policy.


Questions # 72:

In a large enterprise, which of the following is the MOST effective way to understand the business activities associated with the enterprise's information architecture?

Options:

A. Reviewing IT design with business process managers

B. Reviewing business strategy with senior management

C. Mapping business processes within a framework

D. Aligning business objectives to organizational strategy


Questions # 73:

An IT risk assessment for a large healthcare group revealed an increased risk of unauthorized disclosure of information. Which of the following should be established FIRST to address the risk?

Options:

A. Data encryption tools

B. Data loss prevention tools

C. Data classification policy

D. Data retention policy


Questions # 74:

Best practice states that IT governance MUST:

Options:

A. enforce consistent policy across the enterprise.

B. be applied in the same manner throughout the enterprise.

C. apply consistent target levels of maturity to processes.

D. be a component of enterprise governance.


Questions # 75:

Which of the following would be the BEST way to facilitate the adoption of strong IT governance practices throughout a multi-divisional enterprise?

Options:

A. Ensuring each divisional policy is consistent with corporate policy

B. Ensuring divisional governance fosters continuous improvement processes

C. Mandating data standardization across the distributed enterprise

D. Documenting and communicating key management practices across divisions

