Online Access Free CGEIT Exam Questions

A global organization has noticed a significant decrease in the return on IT investments in a particular region.
To enhance project governance in this region, the CEO should FIRST

• A.Perform a program benefit calculation and review the project selection methodology
• B.Work with the region's leadership to better understand why the situation has occurred
• C.Suspend funding until project managers from better-performing regions can be assigned
• D.Perform an independent review of business cases for each current and proposed project in the region

A series of cyber events impacting internet-facing business services has been successfully contained. To minimize future business risk exposure, which of the following should the board require of the IT team?

• A.Perform a root cause analysis.
• B.Purchase cybersecurity insurance.
• C.Review the internet service provider (ISP) contract.
• D.Conduct a business impact analysis (BIA).

Which of the following situations provides the BEST justification for considering the adoption of a qualitative risk assessment method?

• A.A higher risk tolerance level has been defined by enterprise leadership
• B.There are fewer information assets in the risk register
• C.Determining a quantitative risk score would require complex calculations
• D.It is cost prohibitive to obtain relevant historical quantitative data

Business management is seeking assurance from the CIO that controls are in place to help minimize the risk of critical IT systems being unavailable during month-end financial processing. What is the BEST way to address this concern?

• A.Develop key risk indicators (KRIs) and action plans.
• B.Create a communication plan with risk owners.
• C.Outsource infrastructure hosting.
• D.Restrict and monitor user access.

Which of the following is the PRIMARY purpose of information governance?

• A.To develop control procedures that help ensure information is adequately protected throughout its life cycle
• B.To monitor the processes that deliver and enhance the value of information assets
• C.To ensure regulatory compliance is maintained while optimizing the utilization of information
• D.To set direction for information management capabilities through prioritization and decision making