QUESTION: 93

An enterprise has entered into a new market which brings additional regulatory compliance requirements. To address these new requirements, the enterprise should FIRST:

update the organization's risk profile.
have executive management monitor compliance.
outsource the compliance process.
appoint a compliance officer.

Answer(s): B

Reveal Solution Next Question

QUESTION: 94

An IT steering committee is preparing to review proposals for projects that implement emerging technologies. In anticipation of the review, the committee should FIRST:

require a review of the enterprise risk management framework.
understand how the emerging technologies will influence risk across the enterprise.
determine if the IT staff can support the emerging technologies.
require a capacity plan and framework review for the emerging technologies.

Answer(s): A

Reveal Solution Next Question

The CIO of a large enterprise has taken the necessary steps to align IT objectives with business objectives. The BEST way for the CIO to ensure these objectives are delivered effectively by IT staff is to:

enhance the budget for training based on the IT objectives.
include the IT objectives in staff performance plans.
include CIO sign-off of the objectives as part of the IT strategic plan.
map the IT objectives to an industry-accepted framework.

Answer(s): D

Reveal Solution Next Question

QUESTION: 96

An analysis of an organization's security breach is complete. The results indicate that the quality of the code used for updates to its primary customer-facing software has been declining and security flaws were introduced. The FIRST IT governance action to correct this problem should be to review:

the incident response plan.
the change management control framework.
compliance with the user testing process.
the qualifications of developers to write secure code.

Answer(s): A

Reveal Solution Next Question

Free CGEIT Exam Braindumps (page: 25)

QUESTION: 93

QUESTION: 94

QUESTION: 95

QUESTION: 96

CGEIT Discussions & Posts