2022 Realistic ExamCost CGEIT Dumps PDF - 100% Passing Guarantee
Free ISACA CGEIT Exam Questions and Answer
For more info visit:
Exam Prerequisites
The prerequisite of the CGEIT is that the candidate has appropriate technical work experience in support of corporate enterprise information technology with a minimum of five years of work experience.
NEW QUESTION 102
An enterprise experiencing issues with data protection and least privilege is implementing enterprise-wide data encryption in response. Which of the following is the BEST approach to ensure all business units work toward remediating these issues?
- A. Integrate data encryption requirements into existing and planned projects.
- B. Mandate the creation of a data governance framework.
- C. Develop key performance indicators (KPIs) to measure enterprise adoption.
- D. Assign owners for data governance initiatives.
Answer: A
NEW QUESTION 103
Elizabeth is a project manager for her organization and she finds risk management to be very difficult for her to manage. She asks you, a lead project manager, at what stage in the project will risk management become easier. What answer best resolves the difficulty of risk management practices and the effort required?
- A. Risk management only becomes easier the more often it is practiced.
- B. Risk management only becomes easier when the project is closed.
- C. Risk management only becomes easier when the project moves into project execution.
- D. Risk management is an iterative process and never becomes easier.
Answer: A
NEW QUESTION 104
Which of the following is MOST important for an enterprise to review when classifying information assets?
- A. Requirements for information retention.
- B. Media used for storage and backup
- C. Procedures for information handling
- D. Impact of information exposure
Answer: D
NEW QUESTION 105
Which of the following is a family of ISO standards for Total Quality Management (TQM)?
- A. ISO 20000
- B. ISO 27001
- C. ISO 38500
- D. ISO 9000
Answer: D
Explanation:
Section: Volume C
NEW QUESTION 106
A global financial institution has decided to integrate data from branch locations into a common database to address regulatory reporting requirements. Analysis of data flows and the full data life cycle should be conducted at which level?
- A. Branch level
- B. Transaction level
- C. Department level
- D. Enterprise level
Answer: B
NEW QUESTION 107
Fred is the project manager of a large project in his organization. Fred needs to begin planning the risk management plan with the project team and key stakeholders. Which plan risk management process tool and technique should Fred use to plan risk management?
- A. Variance and trend analysis
- B. Planning meetings and analysis
- C. Information gathering techniques
- D. Data gathering and representation techniques
Answer: B
NEW QUESTION 108
Which volume provides guidance on clarification and prioritization of service-provider investments in services?
- A. Service Management
- B. Service Operation
- C. Service Design
- D. Service Strategy
Answer: D
NEW QUESTION 109
During qualitative risk analysis you want to define the risk urgency assessment. All of the following are indicators of risk priority except for which one?
- A. Risk rating
- B. Warning signs
- C. Symptoms
- D. Cost of the project
Answer: D
NEW QUESTION 110
Following a re-prioritization of business objectives by management, which of the following should be performed FIRST to allocate resources to IT processes?
- A. Perform a maturity assessment.
- B. Update the IT strategy.
- C. Implement a RACI model.
- D. Refine the human resource management plan.
Answer: D
NEW QUESTION 111
Which of the following phases in SDLC transforms the detailed requirements into complete, detailed system design document?
- A. Initiation
- B. Planning
- C. Design
- D. Development
Answer: C
Explanation:
Section: Volume C
NEW QUESTION 112
A chief technology officer (CTO) wants to ensure IT governance practices adequately address risk management specific to mobile applications. To create the appropriate risk policies for IT, it is MOST important for the CTO to:
- A. map the business goals to IT risk processes.
- B. understand the enterprise's risk tolerance.
- C. create an IT risk scorecard.
- D. identify the mobile technical requirements.
Answer: B
NEW QUESTION 113
Where can a project manager find risk-rating rules?
- A. Risk management plan
- B. Enterprise environmental factors
- C. Risk probability and impact matrix
- D. Organizational process assets
Answer: D
NEW QUESTION 114
The PRIMARY objective of IT resource planning within an enterprise should be to:
- A. determine IT outsourcing options.
- B. finalize service level agreements for IT.
- C. maximize value received from IT.
- D. determine risk associated with IT resources.
Answer: C
NEW QUESTION 115
Which of the following has the tendency or inclination of outlook that is a troublesome source of error in human sensing?
- A. Defect
- B. Bias (of measurement)
- C. Risk
- D. Vulnerability
Answer: B
NEW QUESTION 116
Which of the following is the GREATEST benefit of using a quantitative nsk assessment method?
- A. It uses resources more efficiently
- B. It helps in prioritizing risk response action plans
- C. It can be used to assess risks against non-tangible assets
- D. It reduces subjectivity
Answer: D
NEW QUESTION 117
When developing a framework to implement IT governance, which of the following BEST contributes to the successful implementation?
- A. Practical and enforceable policies
- B. Comprehensive and timely audit reviews
- C. Automated compliance tracking
- D. Periodic peer reviews
Answer: A
NEW QUESTION 118
Which of the following guides provides risk and value statements to help identify and validate the need to execute each control objective?
- A. COBIT control practices guide
- B. IT assurance guide
- C. IT control for Sarbanes Oxley guide
- D. IT control objectives for Basel II guide
Answer: A
Explanation:
Section: Volume C
NEW QUESTION 119
An enterprise is conducting a SWOT analysis as part of IT strategy development. Which of the following would be MOST helpful to identify opportunities and threats?
- A. Internal framework assessment
- B. Critical success factors (CSF)
- C. Risk appetite
- D. Competitor analysis
Answer: B
NEW QUESTION 120
The CIO of an enterprise learns the payroll server of a competitor has been the victim of ransomware. To help plan for the possibility of ransomed corporate data, what should be the ClO's FIRST course of action?
- A. Develop a policy to address ransomware.
- B. Request a targeted risk assessment.
- C. Back up corporate data to a secure location.
- D. Require development of key risk indicators (KRls).
Answer: C
NEW QUESTION 121
Which of the following IT governance frameworks provides governance of IT investments, produced by the IT Governance Institute (ITGI), and is a formal statement of principles and processes for IT portfolio management?
- A. Val IT
- B. VMM
- C. Risk IT
- D. COBIT
Answer: A
Explanation:
Section: Volume A
NEW QUESTION 122
A root-cause analysis indicates a major service disruption due to a lack of competency of newly hired IT system administrators. Who should be accountable for resolving the situation?
- A. Chief information officer
- B. HR recruitment manager
- C. HR training director
- D. (CIO) Business process owner
Answer: A
NEW QUESTION 123
A board of directors wants to ensure the enterprise is responsive to changes in its environment that would directly impact critical business processes. Which of the following will BEST facilitate meeting this objective?
- A. Implementing a competitive intelligence tool
- B. Scheduling frequent threat analyses
- C. Regularly reviewing the enterprise risk appetite
- D. Monitoring key risk indicators (KRIs)
Answer: D
NEW QUESTION 124
The risk committee is overwhelmed by the number of false positives included in risk reports. What action would BEST address this situation?
- A. Conduct a risk assessment.
- B. Adjust IT balanced scorecard.
- C. Evaluate key risk indicators.
- D. Change the reporting format.
Answer: A
NEW QUESTION 125
In which of the following components of the COSO ERM are the policies and procedures established and implemented to help ensure that the risk responses are effectively carried out?
- A. Risk assessment
- B. Event identification
- C. Risk response
- D. Control activity
Answer: D
NEW QUESTION 126
......
Verified CGEIT dumps Q&As Latest CGEIT Download: https://www.examcost.com/CGEIT-practice-exam.html
Updated 100% Cover Real CGEIT Exam Questions - 100% Pass Guarantee: https://drive.google.com/open?id=1lw9H90i29PORBcNqSQLfvPpSLMJAEJz3
