QUESTION 101
Which of the following enterprise risks is PRIMARILY mitigated by monitoring the server capacity of IT resources?
A. Cost overruns
B. Cyberattacks
C. Regulatory noncompliance
D. Denial of service (DoS)
Correct Answer: D
QUESTION 102
An enterprise’s audit of software license usage reveals a significant number of expensive software licenses are not being used. Which of the following should be reviewed FIRST?
A. Software implementation plans
B. License agreements
C. Forecasting models
D. Business cases
Correct Answer: D
QUESTION 103
A CIO has identified opportunities for improving the performance of several IT initiatives that would exceed the allocated budget. Which of the following is the BEST course of action to positively impact IT project performance?
A. Conduct risk-based selection of improvement initiatives.
B. Revise the business case to address the improvements.
C. Migrate the IT projects to the external cloud to reduce costs.
D. Absorb the cost overages as operating expenses.
Correct Answer: A
QUESTION 104
Which of the following is the BEST way to support effective IT portfolio management?
A. Map IT objectives to project outcomes.
B. Implement a project management framework.
C. Perform a cost-benefit analysis for each IT investment.
D. Include risk assessments in project business cases.
Correct Answer: C
QUESTION 105
Which of the following is the MOST important success factor when adopting an enterprise IT governance framework?
A. Using a globally-accepted IT governance framework
B. Implementing an enterprise risk management (ERM) framework
C. Aligning to the enterprise-specific business environment
D. Complying with legal and regulatory requirements
Correct Answer: C
QUESTION 106
A large enterprise has decided to update a core financial system. From a governance perspective, which of the following presents the GREATEST risk to its strategic alignment?
A. Compatibility issues with legacy systems
B. Lack of stakeholder engagement
C. Unclear project key performance indicators (KPIs)
D. Undefined risk management processes
Correct Answer: B
QUESTION 107
A newly appointed chief information officer (CIO) is faced with significant challenges including enterprise-wide shadow IT and an upcoming acquisition that will double the size of the IT workforce. Which of the following should the CIO do FIRST to develop an actionable IT strategy?
A. Review current performance metrics and service levels.
B. Understand the key goals and expectations.
C. Meet with IT staff to identify gaps and inconsistencies.
D. Benchmark IT against similarly sized organizations.
Correct Answer: B
QUESTION 108
A business is considering a policy to anonymize personal data in enterprise systems. Before making decision, which of the following is MOST important for the IT steering committee to review?
A. Privacy impact assessment (PIA) results
B. Information security assessments
C. Potential penalty costs for data breaches
D. Available budget for security initiatives
Correct Answer: A
QUESTION 109
A CIO has been tasked with leading a program to digitize an enterprise’s processes. The program has encountered repeated implementation delays due to a lack of business resource availability. What is MOST important to do before escalating to executive management?
A. Benchmark digitization by competing enterprises.
B. Identify program priorities to adjust the schedule.
C. Quantify the impact of the ongoing delays.
D. Implement a set of IT key risk indicators (KRIs) for the program.
Correct Answer: C
QUESTION 110
Which of the following would provide the MOST useful information for determining the necessary skills and competencies required of an enterprise’s IT department?
A. Current IT job descriptions
B. IT portfolio
C. Audit report findings
D. Training requests from IT employees
Correct Answer: B
QUESTION 111
An enterprise is considering the purchase of a new application that offers a competitive advantage but is not compatible with other major IT systems. Before a decision is made, which of the following should be reviewed FIRST?
A. Enterprise risk appetite
B. Business requirements
C. IT asset inventory
D. Information architecture
Correct Answer: B
QUESTION 112
A new IT initiative is delivered successfully. Which of the following should be updated to reflect the new technology?
A. IT strategy
B. Balanced scorecard
C. IT tactical plan
D. Enterprise architecture (EA)
Correct Answer: D
QUESTION 113
In a large enterprise, who is accountable to establish realistic IT performance measurements that align with business requirements?
A. Internal audit
B. CIO
C. IT steering committee
D. CRO
Correct Answer: B
QUESTION 114
To support shift to a new, more risk-averse business strategy, an IT department has identified new process-based security controls that will be implemented over the next two months. Which of the following should be updated FIRST to ensure the controls are implemented correctly?
A. Key risk indicators (KRIs)
B. Training materials
C. Policies and procedures
D. Data classification tiers
Correct Answer: C
QUESTION 115
An enterprise has decided to invest in Internet of Things (IoT) technology as part of its strategic plan. Which of the following presents the GREATEST risk to consider as part of the technical risk management process?
A. Device performance
B. Technology obsolescence
C. Technology integration
D. Device vulnerabilities
Correct Answer: D
QUESTION 116
An ongoing project is on track according to project plan. However, a recent regulation change will have a major impact to the project. The project sponsor’s NEXT step should be to:
A. submit the project to the IT steering committee for reapproval.
B. rescope the project to remove work impacted by the regulation.
C. seek exemption from the appropriate regulatory body.
D. perform an impact analysis and update the business case.
Correct Answer: D
QUESTION 117
Which of the following is the FIRST step to implement IT resource management processes that align to the enterprise?
A. Developing guiding principles for allocation of resources and capabilities
B. Establishing well-defined management processes
C. Establishing monitoring procedures for allocation of resources and capabilities
D. Evaluating resource allocation and capabilities reporting needs
Correct Answer: A
QUESTION 118
Which of the following is the MOST important step in the procurement process to engage a cybersecurity service provider?
A. Providing access to organizational systems and data
B. Conducting a background check on the provider’s employees
C. Defining the scope of work
D. Negotiating the contract terms
Correct Answer: C
QUESTION 119
A CIO engages consulting firm to conduct a benchmark analysis of the organization’s IT governance framework against industry best practices. Several recommendations to improve the maturity of the framework are identified. Which of the following should be the CIO’s NEXT course of action?
A. Evaluate the feasibility of the recommendations.
B. Develop a plan to integrate the recommendations.
C. Appoint a project manager to implement the recommendations.
D. Obtain approval from the T steering committee to implement the recommendations.
Correct Answer: A
QUESTION 120
Which of the following is the BEST way to minimize the potential mishandling of customer personal information in a system that is located in a country with strict privacy regulations?
A. Establish new IT key risk indicators (KRIs).
B. Revise IT policies, standards, and procedures.
C. Consult the legal and compliance department.
D. Implement a SIEM solution.
Correct Answer: C
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.