Online Access Free ISACA.CGEIT.v2022-08-13.q135 Practice Test (Page 21)

CGEIT Exam Question 96

An independent consultant has been hired to conduct an ad hoc audit of an enterprise's information security office with results reported to the IT governance committee and the board. Which of the following is MOST important to provide to the consultant before the audit begins?

A.Acceptance of the audit risks and opportunities

B.The scope and stakeholders of the audit

C.The organizational structure of the security office

D.The polices and framework used by the security office

CGEIT Exam Question 97

The IT program manager does not see the value of conducting risk assessments for a new major IT project.
The manager is reluctant to cooperate with internal auditors and the newly formed steering committee. Midway through the project, program requirements were changed because the CEO is a friend of a vendor and wants to implement this vendor's new technology. This decision will cause the current IT program budget to be insufficient and will be shown as overspending, After the requirement change request, the IT program manager should FIRST:

A.align IT with the business and agree to the business request.

B.request additional funding from the business owner to cover the additional scope.

C.report the matter to internal audit as a program deviation to be reviewed.

D.obtain confirmation from the business and a decision by the steering committee.

CGEIT Exam Question 98

The BEST way to manage continuous improvement of governance-related processes is to:

A.define accountability based on roles and responsibilities.

B.apply effective quality management practices.

C.assess existing process resource capacities.

D.require third-party independent reviews.

CGEIT Exam Question 99

Before an IT strategy committee can approve an IT risk assessment framework, which of the following is MOST important to have established?

A.Enterprise definitions for risk impact and probability

B.An enterprise risk mitigation strategy

C.Leading and lagging risk indicators

D.IT performance metrics and standards

CGEIT Exam Question 100

Which of the following functions of HR department is liable for policy creation, policy communication, record creation, and HR information systems?

A.Analysis and design for work

B.Personnel policy

C.Support for strategy

D.Compensation and benefit

Other Version: 219ISACA.CGEIT.v2025-09-19.q537; 2172ISACA.CGEIT.v2022-03-19.q120; 123ISACA.Testkingpass.CGEIT.v2022-03-09.by.jeff.120q.pdf; 3502ISACA.CGEIT.v2021-11-13.q208; 120ISACA.Exam-killer.CGEIT.v2021-09-27.by.kim.254q.pdf

Latest Upload: 219ISACA.CGEIT.v2025-09-19.q537; 152Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 153Scrum.SAFe-Practitioner.v2025-09-18.q63; 141Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 128Oracle.1Z1-182.v2025-09-17.q32; 235Nutanix.NCP-US-6.5.v2025-09-16.q73; 256Oracle.1z0-071.v2025-09-16.q232; 195Oracle.1Z1-922.v2025-09-16.q125; 314CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CGEIT Exam Question 96

CGEIT Exam Question 97

CGEIT Exam Question 98

CGEIT Exam Question 99

CGEIT Exam Question 100

Download PDF File