CGEIT Online Practice Questions and Answers

The responsibility for the development of a business continuity plan (BCP) is BEST assigned to the:

A. business risk manager.

B. business owner.

C. chief executive officer (CEO).

D. IT systems owner.

Senior management is reviewing the results of a recent security incident with significant business impact. Which of the following findings should be of GREATEST concern?

A. Significant gaps are present m the incident documentation.

B. The incident was not logged in the ticketing system.

C. Response decisions were made without consulting the appropriate authority.

D. Response efforts had to be outsourced due to insufficient internal resources.

A healthcare enterprise that is subject to strict compliance requirements has decided to outsource several key IT services to third-party providers. Which of the following would be the BEST way to assess compliance and avoid reputational damage?

A. Require quarterly reports from the providers demonstrating compliance.

B. Require documentation that the providers have adequate controls in place.

C. Exercise the right to perform an audit.

D. Impose monetary penalties for noncompliance.

The PRIMARY reason for periodically evaluating IT resource staffing requirements is to:

A. ascertain the IT function has sufficient skilled staff to maintain daily operations.

B. ensure the enterprise has sufficient resources to address changing business and IT needs.

C. verify that human resource recruitment and retention processes meet enterprise IT objectives.

D. confirm IT-related responsibilities are defined for the enterprise's business and IT staff.

Which of the following is MOST important for IT governance to have in place to ensure the enterprise can maintain operations during extensive system downtime?

A. Fault-tolerant hardware

B. An incident response plan

C. A crisis communications plan

D. A business continuity plan (BCP)

Which of the following is (he GREATEST benefit of using the life cycle approach to govern information assets'?

A. Overall costs are optimized

B. Operational costs are maintained

C. Information availability is improved

D. Compliance with regulatory requirements is ensured

The PRIMARY benefit of integrating IT resource planning into enterprise strategic planning is that it enables the enterprise to:

A. allocate resources efficiently to achieve desired goals.

B. adjust business goals depending upon resource availability.

C. prioritize resource allocation based on sourcing strategy.

D. develop tactical plans to achieve resource optimization.

Which of the following components of a policy BEST enables the governance of enterprise IT?

A. Disciplinary actions

B. Regulatory requirements

C. Roles and responsibilities

D. Terms and definitions

A global financial institution has decided to integrate data from branch locations into a common database to address regulatory reporting requirements. Analysis of data flows and the full data life cycle should be conducted at which level?

A. Transaction level

B. Enterprise level

C. Branch level

D. Department level

Which of the following are commonly used terms when discussing service improvement outcomes?

1.

Improvements

2.

Benefits

3.

Return On Investment (ROI)

4.

Value On Investment(VOI)

5.

Resources

A. 2, 3, and 5 only

B. 2, 3, 4, and 5 only

C. 1, 2, 3, and 4 only

D. 1, 2, and 4 only

E. 1, 2, 3, 4, and 5