QUESTION 121
Which of the following should be the FIRST course of action by a government agency when planning to procure a modern Al solution that will be used for provision of services to the public?
A. Assign a business system owner for Al capability.
B. Develop responsible practices for how the agency procures Al.
C. Benchmark the enterprise’s procurement practices with private enterprises.
D. Perform a gap analysis of required skills to introduce Al to the agency.
Correct Answer: B
QUESTION 122
Which of the following is MOST useful when preparing to mitigate a security breach affecting customer information?
A. Data flow maps
B. Vulnerability register
C. Information asset register
D. Cybersecurity insurance
Correct Answer: A
QUESTION 123
To facilitate effective IT governance, which of the following should be included as a regular board of directors’ meeting agenda item? An update on the current:
A. enterprise’s technology obsolescence.
B. IT resource utilization.
C. IT investment portfolio.
D. service level agreements (SLAS).
Correct Answer: C
QUESTION 124
Which of the following is the MOST effective way to mitigate the risk associated with Software as a Service (SaaS) deployment?
A. Adopt a tailored risk management framework for the Saas model.
B. Identify potential security threats from the cloud-based environment.
C. Develop key risk indicators (KRIs) for the deployment.
D. Ensure alignment with enterprise risk policies.
Correct Answer: A
QUESTION 125
A data custodian is responsible for which of the following?
A. Managing costs and optimizing data operations
B. Taking action to enable data retention
C. Maintaining privacy and avoiding misuse
D. Implementing data loss prevention (DLP)
Correct Answer: B
QUESTION 126
Which of the following presents the GREATEST security risk related to the use of public cloud services from a third-party service provider?
A. The service provider facility does not use biometric access.
B. Security responsibilities are not included in the contract.
C. Right to audit is not included in the contract.
D. The service provider certification report is not available.
Correct Answer: B
QUESTION 127
Which of the following BEST supports the monitoring of benefits realization from IT investments?
A. Aligning outcomes from IT-related investments with IT goals
B. Aligning IT strategy with business growth objectives
C. Aligning key performance indicators (KPIs) with business cases
D. Aligning service level agreements (SLAS) with customer needs
Correct Answer: C
QUESTION 128
An IT department has identified events that could lead to a major outage of a key business application. Of the following, who is accountable for determining the risk response?
A. Business line executive
B. Chief information officer (CIO)
C. Director of IT applications
D. Chief risk officer (CRO)
Correct Answer: A
QUESTION 129
Which of the following IT governance actions is the BEST way to minimize the likelihood of IT failures jeopardizing the corporate value of an IT-dependent organization?
A. Define IT performance management measures.
B. Benchmark IT strategy against industry peers.
C. Install an IT continuous monitoring solution.
D. Implement an IT risk management framework.
Correct Answer: D
QUESTION 130
An IT strategy committee is conducting a major revision of the IT strategic plan to better align with the evolving lines of business. What should the committee agree to before starting the revision?
A. Current IT performance measures
B. IT service-level targets
C. A governance framework
D. Enterprise risk appetite
Correct Answer: D
QUESTION 131
Implementing a code of conduct and ethics program is MOST likely to result in which of the following outcomes?
A. Enhanced guidance for conflict-of-interest situations
B. Enhanced performance management processes
C. Enhanced compliance with the risk management framework
D. Enhanced employee satisfaction survey results
Correct Answer: A
QUESTION 132
Which of the following is the BEST course of action to enable effective resource management?
A. Assign resources based on business priorities.
B. Conduct an enterprise risk assessment
C. Assign resources based on risk appetite.
D. Implement a cross-training program.
Correct Answer: A
QUESTION 133
A global organization has noticed a significant decrease in the return on IT investments in a particular region. To enhance project governance in this region, the CEO should FIRST:
A. perform a program benefit calculation and review the project selection methodology.
B. suspend funding until project managers from better-performing regions can be assigned.
C. work with the region’s leadership to better understand why the situation has occurred.
D. perform an independent review of business cases for each current and proposed project in the region.
Correct Answer: C
QUESTION 134
Which of the following BEST enables the alignment of user access rights with business requirements?
A. Maturity model
B. System design
C. Data classification policy
D. Data architecture model
Correct Answer: C
QUESTION 135
Despite an adequate training budget, IT staff are not keeping skills current with emerging technologies critical to the business. Which of the following is the BEST way for the enterprise to address this situation?
A. Provide incentives for IT staff to attend outside conferences and training.
B. Establish an agreed-upon skills development plan with each employee.
C. Create a standard-setting center of excellence for IT.
D. Require human resources (HR) to recruit new talent using an established IT skills matrix.
Correct Answer: B
QUESTION 136
When developing IT risk management policies and standards, it is MOST important to align them with:
A. enterprise goals and objectives.
B. the corporate risk culture.
C. the enterprise risk management (ERM) framework.
D. best practices for IT risk management.
Correct Answer: C
QUESTION 137
An enterprise’s IT director is concerned that the chair of the IT steering committee is stealing confidential company information. Which of the following is the IT director’s BEST course of action?
A. Conduct an investigation to substantiate the chair’s activities.
B. File a report with the local law enforcement agency.
C. Report the concern to the ethics hotline.
D. Discuss the concern with the chair directly.
Correct Answer: C
QUESTION 138
Which of the following provides the BEST assurance on the effectiveness of IT service management processes?
A. Continuous monitoring
B. Compliance with internal controls
C. Key risk indicators (KRIs)
D. Performance of incident response
Correct Answer: A
QUESTION 139
An enterprise is evaluating both a virtual reality (VR) project and an augmented reality (AR) project. Which of the following should be the MOST important objective when evaluating these two projects within IT portfolio management?
A. Reducing the risk exposure of the projects
B. Maximizing the earned value of IT investments
C. Determining which IT project to discontinue
D. Implementing efficient and effective solutions
Correct Answer: B
QUESTION 140
An enterprise recently experienced a major breach that was a escalated effectively. However, the recovery took far longer than expected, resulting in significant financial loss. Which of the following is MOST likely the root cause of this scenario?
A. Key performance indicators (KPIs) were not regularly monitored.
B. The business continuity plan (BCP) was not recently tested.
C. The disaster recovery plan (DRP) was not routinely updated.
D. The recovery point objective (RPO) was not established.
Correct Answer: C
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.