Question 1

An IT audit reveals inconsistent maintenance of data privacy in enterprise systems primarily due to a lack of data sensitivity categorizations. Once the categorizations are defined, what is the BEST long-term strategic response by IT governance to address this problem?

Options :

A : Standardize data classification processes throughout the enterprise.

B : Incorporate enterprise privacy categorizations into contracts.

C : Require business impact analyses (BIAs) for enterprise systems.

D : Reassess the data governance policy.

Answer: A

Question 2

Which of the following will BEST help to ensure enterprise IT risk is effectively managed?

Options :

A : Establishing an audit committee that reports to the board

B : Establishing roles and responsibilities for IT risk at the senior management level

C : Identifying the lowest IT risks and outsourcing the related IT functions

D : Assigning a project sponsor and project manager to implement an IT risk register

Answer: B

Question 3

Which of the following MUST be established before implementing an information architecture that restricts access to data based on sensitivity?

Options :

A : Risk and control frameworks

B : Probability and impact analysis

C : Classification and ownership

D : Security and privacy policies

Answer: C

Question 4

Which of the following is MOST important to review during IT strategy development?

Options :

A : Industry best practices

B : IT balanced scorecard

C : Current business environment

D : Data flows that indicate areas requiring IT support

Answer: C

Question 5

The use of an enterprise architecture (EA) framework BEST supports IT governance by providing:

Options :

A : key information for IT service level management.

B : reference models to align IT with business.

C : IT standards for application development

D : business information for IT capacity planning.

Answer: B

Free CGEIT Mock Exam – Practice Online Confidently

Buying Options: