ISACA CGEIT Certification Practice Test Online Training
The questions for CGEIT were last updated on Apr 23, 2024.
- Exam Code: CGEIT
- Exam Name: ISACA CGEIT Certification Practice Test
- Certification Provider: ISACA
- Latest update: Apr 23, 2024
Which of the following should be done FIRST when defining responsibilities for ownership of information and systems?
- A . Require an information risk assessment.
- B . Identify systems that are outsourced.
- C . Ensure information is classified.
- D . Require an inventory of information assets.
Which of the following should be established FIRST so that data owners can consistently assess the level of data protection needed across the enterprise?
- A . Data encryption program
- B . Data risk management program
- C . Data retention policy
- D . Data classification policy
Which of the following is the MOST effective way for a CIO to govern business unit deployment of shadow IT applications in a cloud environment?
- A . Implement controls to block the installation of unapproved applications.
- B . Educate the executive team about the risk associated with shadow IT applications.
- C . Provide training to the help desk to identify shadow IT applications.
- D . Review and update the application implementation process.
In an enterprise that has worldwide business units and a centralized financial control model, which of the following is a barrier to strategic alignment of business and IT?
- A . Each business unit has its own steering committee for IT investment and prioritization.
- B . Uniform portfolio management is in place throughout the business units.
- C . IT is the exclusive provider of IT services to the business units.
- D . The enterprise’s CIO is a member of the executive committee.
A company is considering selling products online, and the CIO has been asked to advise the board of directors of potential problems with this strategy.
Which of the following is the CIO’s BEST course of action?
- A . Review the security framework.
- B . Conduct a return on investment (ROI) analysis.
- C . Review the enterprise architecture (EA).
- D . Perform a risk assessment.
Which of the following should be done FIRST when concerns have been identified regarding the financial viability of a potential software supplier?
- A . Implement an escrow agreement
- B . Perform a risk assessment
- C . Include a right-to-audit clause in the contract
- D . License the intellectual property
The board and senior management of a new enterprise recently met to formalize an IT governance framework.
The board of directors’ FIRST step in implementing IT governance is to ensure that:
- A . an IT balanced scorecard is implemented.
- B . a portfolio of IT-enabled investments is developed.
- C . IT roles and responsibilities are established.
- D . IT policies and procedures are defined.
A large enterprise that is diversifying its business will be transitioning to a new software platform, which is expected to cause data changes.
Which of the following should be done FIRST when developing the related metadata management process?
- A . Require an update to enterprise data policies.
- B . Request an impact analysis.
- C . Review documented data interdependence.
- D . Validate against existing architecture.
The PRIMARY reason for an enterprise to adopt an IT governance framework is to:
- A . assure IT sustains and extends the enterprise strategies and objectives.
- B . expedite IT investments among other competing business investments.
- C . establish IT initiatives focused on the business strategy.
- D . allow IT to optimize confidentiality, integrity, and availability of information assets.
Which of the following would be MOST useful for prioritizing IT improvement initiatives to achieve desired business outcomes?
- A . Budget variance analysis
- B . Enterprise architecture (EA)
- C . IT skills matrix
- D . Portfolio management