Online Access Free CGEIT Exam Questions

An enterprise wants to establish key risk indicators (KRIs) in an effort to better manage IT risk. Which of the following should be identified FIRST?

• A.Key performance metrics
• B.Enterprise architecture (EA) components
• C.Risk mitigation strategies
• D.The enterprise risk appetite

During an IT strategy review, a new CIO determined that numerous important internal processes have not been updated for several years and should be reexamined. Which of the following would be the BEST approach to address this concern?

• A.Implement a process review policy.
• B.Verify that the processes are still needed
• C.Assemble a project review team
• D.Map the processes to a capability maturity model.

Which of the following would provide the MOST useful information to understand the associated risks when implementing a new digital transformation strategy?

• A.Risk heat map
• B.Risk register
• C.Risk framework
• D.Risk policy

Which of the following is the BEST way to address an IT audit finding that many enterprise application updates lack appropriate documentation?

• A.Enforce change control procedures.
• B.Add change control to the risk register.
• C.Review the application development life cycle.
• D.Conduct software quality audits

From an IT governance perspective, which of the following would be the MOST significant impact of moving all IT applications to an external Software as a Service (SaaS) cloud provider?

• A.The necessity to update key risk indicators (KRIs)
• B.The improvement Of IT service alignment with business
• C.The shift from service delivery to service management
• D.The integration of the IT department with business lines