ISACA CGEIT Certification Practice Test Online Training
The questions for CGEIT were last updated on May 16, 2024.
- Exam Code: CGEIT
- Exam Name: ISACA CGEIT Certification Practice Test
- Certification Provider: ISACA
- Latest update: May 16, 2024
Which of the following is the BEST method for making a strategic decision to invest in cloud services?
- A . Prepare a business case.
- B . Prepare a request for information (RFI).
- C . Benchmarking.
- D . Define a balanced scorecard.
Which of the following is the BEST approach when reviewing the security status of a new business acquisition?
- A . Embed IT risk management strategies in service level agreements (SLAs).
- B . Establish a committee to oversee the alignment of IT security in new businesses.
- C . Incorporate IT security objectives to cover additional risks associated with new businesses.
- D . Integrate IT risk assessment into the overall due diligence process.
An enterprise is planning to outsource data processing for personally identifiable information (PII). When is the MOST appropriate time to define the requirements for security and privacy of information?
- A . When issuing requests for proposals (RFPs)
- B . After an assessment of the current information architecture
- C . When developing service level agreements (SLAs)
- D . During the initial vendor selection process
An enterprise considers implementing a system that uses a technology that is not in line with its IT strategy. The business case indicates significant benefit to the enterprise.
Which of the following is the BEST way to manage this situation within an IT governance framework?
- A . Update the IT strategy to align with the new technology.
- B . Initiate an operational change request.
- C . Reject based on non-alignment.
- D . Address as part of an architecture exception process.
An enterprise has been focused on establishing an IT risk management framework.
Which of the following should be the PRIMARY motivation behind this objective?
- A . Promoting responsibility throughout the enterprise for managing IT risk.
- B . Increasing the enterprise’s risk tolerance level and risk appetite.
- C . Engaging executives in examining IT risk when developing policies.
- D . Maintaining a complete and accurate risk registry to better manage IT risk.
An enterprise-wide strategic plan has been approved by the board of directors.
Which of the following would BEST support the planning of IT investments required for the enterprise?
- A . Service-oriented architecture
- B . Enterprise architecture (EA)
- C . Contingency planning
- D . Enterprise balanced scorecard
A CIO just received a final audit report that indicates there is inconsistent enforcement of the enterprise’s mobile device acceptable use policy throughout all business units.
Which of the following should be the FIRST step to address this issue?
- A . Incorporate compliance metrics into performance goals.
- B . Review the relevance of existing policy.
- C . Mandate awareness training for all mobile device users.
- D . Implement controls to enforce the policy.
Which of the following is the MOST comprehensive method to report on overall IT performance to the board of directors?
- A . Balanced scorecard
- B . Net present value (NPV)
- C . Performance-based payments
- D . Return on investment (ROI)
When implementing an IT governance framework, which of the following would BEST ensure acceptance of the framework?
- A . Factoring in the effects of enterprise culture
- B . Using subject matter experts
- C . Using industry-accepted practices
- D . Complying with regulatory requirements
An IT audit report indicates that a lack of IT employee risk awareness is creating serious security issues in application design and configuration.
Which of the following would be the BEST key risk indicator (KRI) to show progress in IT employee behavior?
- A . Number of IT employees attending security training sessions
- B . Results of application security testing
- C . Number of reported security incidents
- D . Results of application security awareness training quizzes