Isaca CGEIT Practice Test - Questions Answers, Page 18

The use of new technology in an enterprise will require specific expertise and updated system development processes. There is concern that IT is not properly sourced. Which of the following should be the FIRST course of action?

An enterprise is evaluating a Software as a Service (SaaS) solution to support a core business process. There is no outsourcing governance or vendor management in place. What should be the CEO's FIRST course of action?

An IT steering committee wants the enterprise's mobile workforce to use cloud-based file storage to save non-sensitive corporate data, removing the need for remote access to that information. Before this change is implemented, what should be included in the data management policy?

Who is PRIMARILY accountable for delivering the benefits of an IT-enabled investment program to the enterprise?

An enterprise incurred penalties for noncompliance with privacy regulations. Which of the following is MOST important to ensure appropriate ownership of access controls to address this deficiency?

Which of the following would be of MOST concern regarding the effectiveness of risk management processes?

An enterprise has a zero-tolerance policy regarding security. This policy is causing a large number of email attachments to be blocked and is a disruption to enterprise. Which of the following should be the FIRST governance step to address this email issue?

Which of the following is the BEST method for determining an enterprise's current appetite for risk?

Which of the following is the MOST effective approach to ensure senior management sponsorship of IT risk management?