
[May-2024] Dumps Practice Exam Questions Study Guide for the CGEIT Exam
CGEIT Dumps with Practice Exam Questions Answers
The CGEIT exam is a four-hour exam that consists of 150 multiple-choice questions. It covers five domains of IT governance: framework for the governance of enterprise IT, strategic management, benefits realization, risk optimization, and resource optimization. The exam is designed to evaluate the knowledge and skills of IT professionals in these domains and to ensure that they are able to provide effective governance and management of IT resources.
NEW QUESTION # 20
A new and expanding enterprise has recently received a report indicating 90% of its data has been collected in just the last six months, triggering data breach and privacy concerns. What should be the IT steering committee's FIRST course of action to ensure new data is managed effectively?
- A. Assess the information governance framework.
- B. Define data protection and privacy practices.
- C. Mitigate and track data-related issues and risks.
- D. Modify legal and regulatory data requirements.
Answer: A
Explanation:
An information governance framework is the structure that provides a holistic overview of the influences that inform how an organisation creates and manages its enterprise-wide information assets (records, information and data) [1]. It defines the roles, responsibilities, policies, standards, and processes for ensuring effective and secure information management. If a new and expanding enterprise has collected a large amount of data in a short period of time, it may face data breach and privacy risks if it does not have a robust and comprehensive information governance framework in place. Therefore, the IT steering committee's first course of action should be to assess the current state of the information governance framework, identify any gaps or weaknesses, and implement improvements or changes as needed. This will help the enterprise to protect and preserve its information assets, comply with legal and regulatory requirements, and enable ethical and efficient use of information. Mitigating and tracking data-related issues and risks, modifying legal and regulatory data requirements, and defining data protection and privacy practices are important actions, but they are not the first course of action. They are more likely to be part of the implementation or improvement of the information governance framework after it has been assessed.
References := [1] Establishing an information governance framework
NEW QUESTION # 21
IT has launched new portfolio management policies and processes to improve the alignment of IT projects with enterprise goals. The latest audit report indicates that no improvement has been made due to confusion in the decision-making process. Which of the following is the BEST course of action for the CIO?
- A. Develop and communicate an accountability matrix.
- B. Implement a performance management framework.
- C. Deliver prioritization and facilitation training.
- D. Create an IT portfolio management risk framework.
Answer: A
NEW QUESTION # 22
Fill in the blank with the appropriate word. An ___________ is a resource, process, product, computing infrastructure, and so forth that an organization has determined must be protected.
Answer: asset
NEW QUESTION # 23
Which of the following is MOST important to consider when planning to implement a cloud-based application for sharing documents with internal and external parties?
- A. Cloud implementation model
- B. Information ownership
- C. Third-party access rights
- D. User experience
Answer: B
Explanation:
Information ownership is the right and responsibility to define, classify, protect, and manage the data assets of an enterprise. When using a cloud-based application, the enterprise should ensure that it retains the ownership and control of its information, and that it complies with the relevant laws and regulations regarding data privacy, security, and sovereignty [1][2]. The enterprise should also establish clear policies and agreements with the cloud service provider and the internal and external parties regarding the access, usage, storage, transfer, retention, and disposal of the information [1][2]. By considering information ownership, the enterprise can mitigate the risks and challenges of using a cloud-based application, such as data breaches, unauthorized access, vendor lock-in, legal disputes, or reputational damage [1][2].
The other options are not as important as information ownership, as they are secondary or dependent factors. Cloud implementation model is the type of cloud service that the enterprise chooses to use, such as software as a service (SaaS), platform as a service (PaaS), or infrastructure as a service (IaaS) [3]. Cloud implementation model can affect the cost, performance, scalability, and flexibility of the cloud-based application, but it does not directly affect the ownership and governance of the information [3]. User experience is the perception and satisfaction of the users when interacting with the cloud-based application. User experience can affect the adoption, engagement, and productivity of the users, but it does not directly affect the ownership and governance of the information. Third-party access rights are the permissions and restrictions that the enterprise grants to external parties to access and use its information through the cloud-based application. Third-party access rights can affect the security and privacy of the information, but they are determined by the information ownership policies and agreements that the enterprise establishes with the cloud service provider and the external parties [1][2].
NEW QUESTION # 24
You are the project manager for ABC project. You are planning for when and how human resource requirements will be met. You are working on ____.
- A. Resource calendar
- B. Scope management plan
- C. Staffing management plan
- D. Project organization chart
Answer: C
NEW QUESTION # 25
When determining the optimal IT service levels to support business, which of the following is MOST important?
- A. Business user requests
- B. Cost/benefit to the business.
- C. IT capacity utilization and availability.
- D. Available IT budget.
Answer: B
NEW QUESTION # 26
An internal audit revealed a widespread perception that the enterprise's IT governance reporting lacks transparency. Which of the following should the CIO do FIRST?
- A. Meet with key stakeholders to understand their concerns
- B. Adopt an industry-recognized template to standardize reports.
- C. Develop a communication and awareness strategy
- D. Add stakeholder transparency metrics to the balanced scorecard
Answer: A
NEW QUESTION # 27
An enterprise is concerned with the potential for data leakage as a result of increased use of social media in the workplace, and wishes to establish a social media strategy. Which of the following should be the MOST important consideration in developing this strategy?
- A. Criticality of the information
- B. Ensuring that the enterprise architecture (EA) is updated
- C. Data ownership
- D. The balance between business benefits and risk
Answer: D
Explanation:
This is because social media can offer many advantages for an enterprise, such as enhancing customer engagement, increasing brand awareness, improving market intelligence, and fostering innovation. However, social media also poses many challenges and threats, such as data breaches, privacy violations, reputational damage, legal liabilities, and compliance issues. Therefore, an enterprise needs to balance the business benefits and risk of using social media in the workplace, and establish a clear and consistent social media policy and governance framework that defines the objectives, roles, responsibilities, standards, and processes for managing social media activities and data.
Some of the sources that support this answer are:
1: This source provides a comprehensive guide on how to create a social media governance plan that covers the key elements of a social media policy, compliance management, security and risk mitigation, decision-making and approval workflow, and crisis management.
2: This source discusses the gaps, risks, and opportunities of social media governance in the context of Australian public communication. It identifies some of the best practices and recommendations for developing and implementing a social media strategy that aligns with the organizational goals and values, as well as the legal and ethical obligations.
3: This source explores the social media governance challenges and solutions for financial services companies. It highlights the importance of balancing the business benefits and risk of social media, and suggests some of the key steps to achieve effective social media governance, such as conducting a risk assessment, defining a social media policy, establishing a governance structure, monitoring and measuring performance, and reviewing and updating the strategy.
NEW QUESTION # 28
Establishing a uniform definition for likelihood and impact BEST enables an enterprise to:
- A. prioritize threat assessment.
- B. reduce variance in the assessment of risk.
- C. reduce risk appetite and tolerance levels.
- D. develop key risk indicators (KRIs).
Answer: B
Explanation:
Establishing a uniform definition for likelihood and impact best enables an enterprise to reduce variance in the assessment of risk. This means that the enterprise can have a consistent and comparable way of measuring and evaluating the probability and consequence of potential events that may affect its objectives, operations, and performance. A uniform definition of likelihood and impact can help to avoid confusion, ambiguity, or bias in the risk assessment process, as well as to improve the quality and reliability of the risk data and analysis.
Some references for establishing a uniform definition for likelihood and impact are:
* Risk Assessment: Likelihood & Impact, which provides a guide on how to conduct a risk assessment using a clear formula that involves likelihood and impact [1].
* Risk = Likelihood x Impact, which explains how to calculate the total amount of risk exposure using likelihood and impact [2].
* How Analysis, Likelihood, and Impact Models Work Together, which describes how to use different models to express the chance, consequence, and score of a risk [3].
NEW QUESTION # 30
Which of the following factors influence the operating environment of an enterprise?
Each correct answer represents a complete solution. Choose all that apply.
- A. Stakeholders values
- B. Mission, vision and values of an enterprise
- C. Industry practices
- D. Outcome measures
Answer: A,B,C
NEW QUESTION # 31
An organization supports both programs and projects for various industries. What is a portfolio?
- A. A portfolio is the total amount of funds that have been invested in programs, projects, and operations.
- B. A portfolio describes any project or program within one industry or application area.
- C. A portfolio describes all of the monies that are invested in the organization.
- D. A portfolio describes the organization of related projects, programs, and operations.
Answer: D
NEW QUESTION # 32
In which of the following types of biases does the data collection itself interfere with the process it is measuring?
- A. Nonresponse
- B. Perception
- C. Operational
- D. Interaction
Answer: D
NEW QUESTION # 33
Which of the following is the MOST efficient way for an IT transformation project manager to communicate the project progress with stakeholders?
* Establish governance forums within project management.
- A. Share the business case with stakeholders.
- B. Post the project management report to the enterprise intranet site.
- C. Include key performance indicators (KPIs) in a monthly newsletter.
Answer: A
Explanation:
The most efficient way for an IT transformation project manager to communicate the project progress with stakeholders is to include key performance indicators (KPIs) in a monthly newsletter. This is because KPIs are measurable values that indicate how well the project is achieving its objectives and delivering value to the business [1]. By including KPIs in a monthly newsletter, the project manager can:
* Provide a concise, clear, and consistent overview of the project status and results to the stakeholders [2]
* Highlight the project achievements, challenges, and opportunities [2]
* Demonstrate the alignment of the project with the business strategy, goals, and priorities [2]
* Solicit feedback and suggestions from the stakeholders [2]
* Foster a sense of engagement and collaboration among the stakeholders [2]
A monthly newsletter is an efficient communication channel, as it can reach a large and diverse audience of stakeholders, such as senior executives, business managers, IT staff, customers, and partners. It can also be easily distributed and accessed through email or intranet. A monthly frequency is appropriate for communicating the project progress, as it can provide timely and relevant information without overwhelming or distracting the stakeholders.
The other options, establishing governance forums within project management, sharing the business case with stakeholders, and posting the project management report to the enterprise intranet site are not as efficient as including KPIs in a monthly newsletter for communicating the project progress with stakeholders. They are more related to the planning and execution of the project, rather than its communication. They may also be too formal, detailed, or infrequent for some stakeholders who may prefer a more informal, concise, or frequent view of the project progress.
NEW QUESTION # 34
Which of the following risk functions directs the Sarbanes-Oxley Section 302 and 404 assessments?
- A. Operational Quality Assurance
- B. Compliance & Ethics
- C. Operations management
- D. Accounting / Financial compliance
Answer: D
NEW QUESTION # 35
The accountability for a business continuity program for business-critical systems is BEST assigned to the:
- A. chief information officer (CIO).
- B. chief executive officer (CEO).
- C. director of internal audit.
- D. enterprise risk manager.
Answer: B
NEW QUESTION # 36
Which of the following quadrant analysis identifies the key issues of anticipation of business needs, service levels over cost, and business enablement and facilitation (removal of obstacles)?
- A. High level role (strategic/transformational) and business market followers (risk-averse/mature)
- B. Low level role (tactical/utility) and business market leader (risk-taker/high growth)
- C. High level role (strategic/transformational) and business market leader (risk-taker/high growth)
- D. Low level role (tactical/utility) and business market followers (risk-averse/mature)
Answer: B
Explanation:
Section: Volume C
NEW QUESTION # 37
Beth is a project team member on the JHG Project. Beth has added extra features to the project and this has introduced new risks to the project work. The project manager of the JHG project elects to remove the features Beth has added. The process of removing the extra features to remove the risks is called what?
- A. Defect repair
- B. Preventive action
- C. Corrective action
- D. Scope creep
Answer: B
NEW QUESTION # 38
Which of the following would a CIO use to present the overall view of IT performance to the board of directors?
- A. Balanced scorecard
- B. Key performance indicators (KPIs)
- C. Key risk indicators (KRIs)
- D. Maturity model
Answer: A
Explanation:
A balanced scorecard is a tool that a CIO would use to present the overall view of IT performance to the board of directors, because it is a framework that translates the enterprise's vision and strategy into a set of performance measures that cover four perspectives: financial, customer, internal business process, and learning and growth [1][2]. A balanced scorecard can help to communicate and monitor the IT strategy and goals, and align the IT activities and resources with the business needs and expectations. A balanced scorecard can also provide a balanced and comprehensive view of the IT performance and value delivery, and highlight the strengths, weaknesses, opportunities, and threats for improvement [1][2].
References := ISACA, CGEIT Review Manual, 7th Edition, 2019, page 43-44.
NEW QUESTION # 39
Jeff works as a project manager for BlueWell Inc. He is determining which risks can affect the project. Which of the following are the inputs to the identify risks process that Jeff will use to accomplish the task? Each correct answer represents a complete solution.
Choose all that apply.
- A. Risk management plan
- B. Activity cost estimates
- C. Scope baseline
- D. Risk register
Answer: A,B,C
Explanation:
Section: Volume B
NEW QUESTION # 40
IT maturity models measure:
- A. capabilities.
- B. outcome.
- C. performance.
- D. value.
Answer: A
Explanation:
IT maturity models measure the capabilities of an IT organization, which means the ability to perform certain activities or tasks effectively and efficiently. IT maturity models assess the current state of the IT organization in terms of people, processes, and technology, and compare it with the desired or optimal state. IT maturity models also help to identify the gaps and opportunities for improvement, and to prioritize and plan the actions to achieve higher levels of maturity. IT maturity models can be used for various purposes, such as benchmarking, strategic planning, performance management, risk management, and quality assurance.
References: CGEIT Exam Content Outline | ISACA; CGEIT Review Manual (Digital Version); Use an IT maturity model - IBM Garage Practices; IT Maturity Models, Scorecards & Assessments | Smartsheet

