QUESTION: 69

Following a major IT incident that resulted in a loss to the enterprise, a CIO is preparing for a meeting with the board of directors to discuss what may have failed internally. Which of the following should the CIO do FIRST to provide assurance to the board?

Review the IT control environment.
Ensure IT and enterprise risk management alignment.
Review the incident response policy.
Verify continuous monitoring is being performed.

Answer(s): B

Reveal Solution Next Question

QUESTION: 70

A newly appointed CIO has issued a new IT strategic plan. Which of the following would be the MOST
effective way for the CIO to ensure the IT management team is held accountable for the delivery of the plan?

Provide management training on IT strategic objectives.
Revise the managers' performance goals to include key objectives.
Enforce disciplinary action for managers if the plan is not delivered.
Update the IT balanced scorecard with key objectives.

Answer(s): B

Reveal Solution Next Question

QUESTION: 71

Which of the following is the PRIMARY ongoing responsibility of the IT governance function related to risk?

Responding to and controlling all IT risk events
Verifying that all business units have staff skilled at assessing risk
Communicating the enterprise risk management plan
Ensuring IT risk management is aligned with business risk appetite

Answer(s): C

Reveal Solution Next Question

QUESTION: 72

Which of the following is the BEST outcome measure to determine the effectiveness of IT risk management processes?

Time lag between when IT risk is identified and the enterprise's response
Percentage of business users satisfied with the quality of risk training
Frequency of updates to the IT risk register
Number of events impacting business processes due to delays in responding to risks

Answer(s): A

Reveal Solution Next Question

Free CGEIT Exam Braindumps (page: 19)

QUESTION: 69

QUESTION: 70

QUESTION: 71

QUESTION: 72

CGEIT Discussions & Posts