QUESTION 61
Which aspect of IT governance may require a change in the corporate-wide culture?
A. Requiring signed acknowledgment of the code of conduct policy
B. Implementing enterprise-wide IT control practices
C. Optimizing the IT risk management framework
D. Establishing revised IT performance objectives
Correct Answer: B
QUESTION 62
Which of the following is an ESSENTIAL element of effective IT program portfolio management?Which of the following is an ESSENTIAL element of effective IT program portfolio management?
A. An established balanced scorecard method
B. The allocation of operating expenditures
C. The resource allocation and prioritization method
D. A defined sourcing strategy and policy
Correct Answer: C
QUESTION 63
A new CEO is made aware of a lack of cooperation between IT and business units and needs to take action to enable more efficient IT delivery of solutions to support the business should be the FIRST step to address this concern?
A. Implement a continuous auditing policy for IT initiatives.
B. Introduce IT related key performance indicators (KPIs).
C. Clarify roles and assign accountabilities for results.
D. Establish business user group training for increased collaboration.
Correct Answer: C
QUESTION 64
An international enterprise has recently acquired another entity in a new country, and efforts are currently underway to realign the various components of the governance framework. Which of the following is MOST important to the successful update of the enterprise risk framework?
A. Understanding differences in the regulatory environment of the acquired entity
B. Considering the merged organization’s culture
C. Including members of both organizations on the risk committee
D. Defining and implementing combined key risk indicators (KRIs)
Correct Answer: A
QUESTION 65
large enterprise has decided to use an emerging technology that needs to be integrated with the current IT infrastructure. Which of the following is the BEST way to prevent adverse effects to the enterprise resulting from the new technology?
A. Implement service level agreements (SLAs).
B. Update the risk appetite statement.
C. Develop key performance indicators (KPIs).
D. Develop key risk indicators (KRIs).
Correct Answer: D
QUESTION 66
From an IT governance perspective, what is MOST important to ensure when deploying an emerging technology?
A. The balanced scorecard is updated.
B. Technology documentation is available.
C. A benchmark assessment is completed.
D. Appropriate staff training is provided.
Correct Answer: D
QUESTION 67
Which of the following is the BEST way to ensure effective stakeholder participation in IT initiatives?
A. Document stakeholder roles in their performance objectives.
B. Copy stakeholders on key IT initiative communications.
C. Ensure project charters include clearly defined roles and responsibilities.
D. Ensure active business representation on the IT steering committee.
Correct Answer: C
QUESTION 68
An enterprise must develop a new IT strategy to reflect the business’s change of direction toward an immature emerging technology market. Which of the following should be done FIRST?
A. Update key risk indicators (KRIs).
B. Develop a new balanced scorecard.
C. Update the business impact analysis (BIA).
D. Review the risk appetite statement.
Correct Answer: D
QUESTION 69
A CIO with concerns about shadow IT has learned that the procurement department has not been consulting IT when a business stakeholder wishes to purchase new technology. Which of the following IS the CIO’s BEST course of action?
A. Instruct the procurement department not to honor shadow IT requests.
B. Inform key stakeholders that IT will prevent access to any unapproved IT systems or devices.
C. Mandate procurement department training on the risk associated with the use of shadow IT.
D. Establish a policy that requires IT involvement in any IT-related procurement decisions.
Correct Answer: D
QUESTION 70
Which of the following is the MOST efficient method to determine the impact of regulatory noncompliance on IT objectives?
A. Controls gap assessment
B. Earned value analysis (EVA)
C. Qualitative risk assessment
D. Internal audit review
Correct Answer: A
QUESTION 71
Which of the following is the BEST way for a CIO to ensure that IT is ready to support a completely new enterprise business model?
A. Conduct an IT risk assessment.
B. Benchmark against peer IT organizations.
C. Perform an IT SWOT analysis.
D. Update the enterprise data architecture.
Correct Answer: D
QUESTION 72
An enterprise has an overarching enterprise architecture (EA) document. The CIO is concerned that EA is not leveraged in recent IT-enabled investments. Which of the following would BEST help to address these concerns and enforce the leveraging of enterprise architecture (EA)?
A. Publish and train on the enterprise architecture document.
B. Adopt a globally-recognized enterprise architecture framework.
C. Form a team to update enterprise architecture regularly.
D. Require enterprise architecture review at key milestones.
Correct Answer: D
QUESTION 73
An IT steering committee is evaluating which IT services should be approved for inclusion in the IT portfolio. Which of the following should be the MOST important consideration when making this decision?
A. Project costs
B. Ongoing maintenance costs
C. Earned value estimates
D. Return on investment (ROI)
Correct Answer: D
QUESTION 74
Which of the following would BEST facilitate the development of data protection controls across an enterprise?
A. Assigned data ownership
B. Enterprise-wide data encryption requirements
C. An enterprise data governance framework
D. Industry best practices for data management
Correct Answer: C
QUESTION 75
In response to a new enterprise strategy that leverages artificial intelligence (Al) to create new products, an IT governance team has been tasked with providing a technology framework that addresses the related ethical concerns. Which of the following principles is MOST important to apply when developing this framework?
A. Ensure all employees are trained on data protection and ethical practices specific to Al.
B. Laws and regulations relating to Al ethics should be addressed in the product development life cycle.
C. The societal impact of the new product line should be treated as business risk and monitored continuously during the product life cycle.
D. Separation of duties between the product technology teams and internal system technology teams should be preserved.
Correct Answer: C
QUESTION 76
A business unit within an enterprise has directly contracted with a cloud service provider to process sensitive customer information. The CIO later identifies a serious risk of potential data compromise due to the vendor’s insufficient separation of environments and lack of strong access controls. The FIRST course of action should be to:
A. immediately suspend sending of data to the cloud service provider.
B. notify internal audit of the risk.
C. discuss the risk with the vendor to determine mitigation actions.
D. inform the business process owner of the risk.
Correct Answer: C
QUESTION 77
Which of the following would BEST address the anticipated resistance associated with the introduction of IT governance practices in an enterprise with a low level of process maturity?
A. A program designed to enable changes
B. An update to job descriptions
C. Rollout of an incentive program
D. Adoption of an Agile project methodology
Correct Answer: A
QUESTION 78
An executive sponsor of a partially completed IT project has learned that the financial assumptions supporting the project have changed. Which of the following governance actions should be taken FIRST?
A. Re-evaluate the project in the portfolio.
B. Request a risk assessment.
C. Request an update to the business case.
D. Schedule an interim project review.
Correct Answer: C
QUESTION 79
An enterprise uses different systems to keep track of assets, service and change requests, personnel, and accounting. Using which of the following would BEST ensure these systems can be used together for performance measurement, reporting, and monitoring?
A. Metadata modeling procedures
B. Enterprise architecture (EA)
C. A change advisory board
D. An asset management database
Correct Answer: B
QUESTION 80
Which of the following should have the MOST influence on a CIO’s decision when considering the introduction of a new technology?
A. IT balanced scorecard
B. Existing enterprise architecture (EA)
C. Enterprise project management framework
D. Industry benchmarks
Correct Answer: D
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.