QUESTION 141
Which of the following is MOST important for the successful establishment of an ethics program?
A. Culture of accountability and responsibility
B. Clear mission and vision statements
C. Defined roles and responsibilities
D. Defined whistleblower processes
Correct Answer: A
QUESTION 142
When determining the desired maturity levels for IT governance processes, it is MOST important to:
A. agree on target levels in response to need.
B. ensure that maturity can be achieved at the lowest cost.
C. ensure target levels are in line with external competitor benchmarks.
D. focus on existing strengths as key drivers for the target levels.
Correct Answer: A
QUESTION 143
Which of the following is the MOST important course of action when initiating a procurement process for a Zero Trust solution?
A. Develop a contracting template for solution procurement.
B. Select an industry-recognized solution used by a benchmarked enterprise.
C. Conduct a thorough assessment of the vendor’s security practices.
D. Develop a comprehensive list of required features.
Correct Answer: D
QUESTION 144
An enterprise is concerned about the community impact of its data center noise levels. Which of the following is the enterprise’s BEST course of action?
A. Seek input from appropriate stakeholders.
B. Pursue acquisition of surrounding properties.
C. Wait for a formal complaint to be filed.
D. Proactively reduce after-hours operations.
Correct Answer: A
QUESTION 145
Which of the following should be the MAIN criteria when selecting a third party to manage a critical IT function?
A. Vendor pricing comes in below current in-house IT costs.
B. The vendor has a strong reputation in the industry.
C. The vendor brings its own risk and governance framework
D. The vendor possesses knowledge and experience of key needs.
Correct Answer: D
QUESTION 146
An enterprise’s board is concerned about the privacy risks associated with Al in its customer relationship management (CRM) system. Which of the following is the BEST course of action?
A. Update the risk framework to incorporate Al and emerging technologies.
B. Conduct a control gap assessment on customer data.
C. Request the hiring of privacy experts to improve risk monitoring.
D. Mandate that key risk scenarios be identified and analyzed.
Correct Answer: D
QUESTION 147
Which of the following is the MOST effective way for an enterprise to establish the measure of IT service effectiveness?
A. Operating level agreements
B. Key performance indicators (KPIs)
C. Service status reports
D. Key risk indicators (KRIS)
Correct Answer: B
QUESTION 148
Which of the following presents the GREATEST challenge for a large-scale enterprise when procuring Infrastructure as a Service (IaaS)?
A. Monitoring key performance indicators (KPIs)
B. Testing the vendor resiliency plan annually
C. Protecting the enterprise from labor liability
D. Ensuring the vendor meets corporate requirements
Correct Answer: D
QUESTION 149
Which of the following would BEST enable an enterprise to ensure selected cloud vendors meet stringent regulatory requirements?
A. Stage gate reviews
B. Third-party audit reports
C. Internal audit report
D. Risk assessment
Correct Answer: B
QUESTION 150
An audit department recently uncovered a series of security breaches. It was determined that network intrusion detection logs were recording the suspicious activity, but IT staff were not reviewing logs due to competing business demands. To address this situation, the IT steering committee’s FIRST priority should be.
A. updating the RACI chart to establish responsibility.
B. the hiring of additional staff to cope with the demand.
C. an assessment of the capacity of current resources.
D. a re-prioritization of IT projects to address critical needs.
Correct Answer: D
QUESTION 151
When considering a move to cloud services, which of the following is MOST important for the IT steering committee to review when authorizing the IT strategy?
A. Cost-benefit analysis
B. Enterprise architecture (EA)
C. Data classification requirements
D. Feedback from IT experts
Correct Answer: B
QUESTION 152
Which of the following situations provides the BEST justification for considering the adoption of a qualitative risk assessment method?
A. A higher risk tolerance level has been defined by enterprise leadership.
B. Determining a quantitative risk score would require complex calculations.
C. There are fewer information assets in the risk register.
D. It is cost prohibitive to obtain relevant historical quantitative data.
Correct Answer: D
QUESTION 153
An enterprise has developed an IT competency framework for its employees. Which of the following is the MOST important concern to be addressed?
A. The competency matrix does not align to job roles
B. Some of the employees have outdated IT certifications.
C. The competency matrix does not include outsourced IT roles.
D. Training metrics are not aligned to the competency matrix.
Correct Answer: A
QUESTION 154
An enterprise has launched a digitization effort requiring a single view of customer information across all product lines. Which of the following should be done FIRST to enable this initiative?
A. Modify the future state enterprise architecture (EA).
B. Assess the current data standards that are in use for applications.
C. Develop funding estimates for integrating applications.
D. Audit the infrastructure architecture for integration points
Correct Answer: B
QUESTION 155
Which of the following is MOST important to ensure when aligning IT and enterprise resource management processes?
A. IT provides input for business strategy development.
B. IT resource monitoring and oversight is in place.
C. IT sourcing processes are in place.
D. IT resources are mapped to business priorities.
Correct Answer: D
QUESTION 156
Which of the following is the GREATEST advantage of earned value management when used for evaluating benefits from the implementation of blockchain projects for IT contracts management?
A. It provides a measure of project progress that is easy to understand.
B. It automates project progress to reporting to business executives.
C. It eliminates potential risks related to project earnings.
D. It enables accurate forecasts of the number of blocks to be completed.
Correct Answer: A
QUESTION 157
When an enterprise outsources to a third-party data center, who is accountable for the governance of data retention controls for the data that has been transferred?
A. The third party’s control operators
B. The enterprise’s internal audit team
C. The enterprise’s data owner
D. The third party’s data steward
Correct Answer: C
QUESTION 158
Aboard of directors has mandated that key performance indicators (KPIs) be developed for all IT projects that are created in support of a business objective. Which of the following MUST be reflected in the KPIs to be effective?
A. Key risk indicators (KRIs)
B. Future-state architecture
C. Critical success factors (CSFs)
D. Portfolio management principles
Correct Answer: C
QUESTION 159
Which of the following is the BEST way to express the value of financial investments in cybersecurity?
A. Payback period
B. Net present value (NPV)
C. Internal rate of return (RR)
D. Cost-benefit analysis
Correct Answer: B
QUESTION 160
Which of the following should be done FIRST when developing an IT strategy to support a new Al business strategy?
A. Create use cases to understand the impact of Al
B. Assess current Al capabilities and infrastructure.
C. Establish guidelines and policies for responsible use of Al.
D. Build a team of Al professionals.
Correct Answer: B
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.