An enterprise has entered into a new market which brings additional regulatory compliance requirements. To address these new requirements, the enterprise should FIRST:
A. update the organization's risk profile.
B. have executive management monitor compliance.
C. outsource the compliance process.
D. appoint a compliance officer.
Answer:
B
Discussions
0/ 1000
Question 2
An enterprise is assessing whether to utilize wearable technology. The enterprise has no prior experience with this technology and has asked the chief technology officer (CTO) to assess the impact to the enterprise. The CTO should FIRST:
A. prioritize wearable technology risk.
B. understand the enterprise's risk tolerance.
C. map the business goals to IT risk processes.
D. create an IT risk scorecard.
Answer:
B
Discussions
0/ 1000
Question 3
An internal auditor conducts an assessment of a two-year-old IT risk management program. Which of the following findings should be of MOST concern to the CIO?
A. Organizational responsibility for IT risk management is not clearly defined.
B. IT risk training records are not properly retained in accordance with established schedules.
C. None of the members of the IT risk management team have risk management-related certifications.
D. Only a few key risk indicators identified by the IT risk management team are being monitored and the rest will be on a phased schedule.
Answer:
D
Discussions
0/ 1000
Question 4
Which of the following roles should be responsible for data normalization when it is found that a new system includes duplicates of data items?
A. Business system owner
B. Database administrator (DBA)
C. Application manager
D. Data steward
Answer:
A
Discussions
0/ 1000
Question 5
An IT value delivery framework PRIMARILY helps an enterprise:
A. assist top management in approving IT projects.
B. improve value of successful IT projects.
C. increase transparency of value to the enterprise.
D. optimize value to the enterprise.
Answer:
D
Discussions
0/ 1000
Question 6
Which of the following is a responsibility of an IT strategy committee?
A. Advising the board on the development of IT goals
B. Providing oversight on enterprise strategy implementation
C. Approving the business strategy and its IT implications
D. Tracking projects in the IT investment portfolio
Answer:
A
Discussions
0/ 1000
Question 7
The MOST successful IT performance metrics are those that:
A. are approved by the stakeholders.
B. measure all areas.
C. measure financial results.
D. contain objective measures.
Answer:
D
Discussions
0/ 1000
Question 8
When establishing an enterprise data model, the BEST way to ensure the integrity of data is to:
A. implement the highest level of protection to data across the enterprise.
B. classify information using an agreed-upon schema.
C. implement a data loss prevention (DLP) program.
D. establish a privileged access management platform.
Answer:
A
Discussions
0/ 1000
Question 9
It has been discovered that multiple business units across an enterprise are using duplicate IT applications and services to fulfill their individual needs. Which of the following would be MOST helpful to address this concern?
A. IT project roadmap
B. IT service management
C. Enterprise architecture
D. Enterprise risk framework
Answer:
C
Discussions
0/ 1000
Question 10
A steering committee has been advised by the IT project management office that individual business units are building systems components that could be leveraged by other business units. Instead, identical components are being duplicated across the enterprise. Which of the following committee directives would be the BEST way to reduce the likelihood of this duplication?
A. Implement stage gate reviews to assess systems.
B. Establish an enterprise architecture.
C. Perform an assessment of change management processes.
D. Review IT system release management practices.
Answer:
C
Discussions
0/ 1000
Question 11
The board of directors of an enterprise has questioned whether the business is focused on optimizing value. The IT strategy committee's BEST action to address the board's concern is to:
A. initiate reporting and review of key IT performance metrics.
B. form a technology council to monitor the efficiency of project implementation.
C. conduct a portfolio review to assess the benefits realization of IT investments.
D. conduct a benchmark to assess IT value relative to competitors.
Answer:
A
Discussions
0/ 1000
Question 12
A business is considering a policy to anonymize personal data in enterprise systems. Before making a decision, which of the following is MOST important for the IT steering committee to consider?
A. Regulatory requirements
B. Sustainability costs to the enterprise
C. Potential implementation barriers
D. Business impact analysis (BIA) results
Answer:
A
Discussions
0/ 1000
Question 13
Enterprise IT has overseen the implementation of an array of data services with overlapping functionality leading to business inefficiencies. Which of the following is the MOST likely cause of this situation?
A. An outdated service level agreement (SLA)
B. Ineffective project management
C. An incomplete cost-benefit analysis
D. Insufficient information architecture
Answer:
B
Discussions
0/ 1000
Question 14
Which of the following is MOST important for the effective design of an IT balanced scorecard?
A. On-demand reporting and continuous monitoring
B. Consulting with the CIO
C. Emphasizing the financial results
D. Identifying appropriate key performance indicators (KPIs)
Answer:
D
Discussions
0/ 1000
Question 15
When determining the desired maturity levels for IT governance processes, it is MOST important to:
A. ensure that maturity can be achieved at the lowest cost.
B. ensure target levels are in line with external competitor benchmarks.
C. agree on target levels in response to need.
D. focus on existing strengths as key drivers for the target levels.