CGEIT試験無料問題集（680題）「ISACA Certified in the Governance of Enterprise IT 認定」

出題：1

Before an IT strategy committee can approve an IT risk assessment framework, which of the following is MOST important to have established?

A. An enterprise risk mitigation strategy

B. Leading and lagging risk indicators

C. IT performance metrics and standards

D. Enterprise definitions for risk impact and probability

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

An enterprise decides to accept the IT risk of a subsidiary located in another country even though it exceeds the enterprise's risk appetite. Which of the following would be the BEST justification for this decision?

A. Risk framework alignment

B. Technical gaps among subsidiaries

C. Compliance with local regulations

D. Local market common practices

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

A CIO engages a consulting firm to conduct a benchmark analysis of the organization's IT governance framework against industry best practices. Several recommendations to improve the maturity of the framework are identified. Which of the following should be the CIO's NEXT course of action?

A. Evaluate the feasibility of the recommendations

B. Develop a plan to integrate the recommendations

C. Obtain approval from the IT steering committee to implement the recommendations

D. Appoint a project manager to implement the recommendations

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

The PRIMARY reason for periodically evaluating IT resource staffing requirements is to:

A. verify that human resource recruitment and retention processes meet enterprise IT objectives.

B. ensure the enterprise has sufficient resources to address changing business and IT needs.

C. ascertain the IT function has sufficient skilled staff to maintain daily operations.

D. confirm IT-related responsibilities are defined for the enterprise's business and IT staff.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

When developing an IT training plan, which of the following is the BEST way to ensure that resource skills requirements are identified?

A. Determine training needs based on the capabilities to support the IT strategy.

B. Survey employees for IT skills requirements based upon technology trends.

C. Extract training requirements from deficiencies reported in customer service satisfaction surveys.

D. Ask managers to determine IT training requirements annually.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

An enterprise has identified potential environmental disasters that could occur in the area where its data center is located. Which of the following should be done NEXT?

A. Assess the likelihood and impact on the data center.

B. Assess how the data center is protected against the threat.

C. Relocate the data center to minimize the threat.

D. Implement an early warning detection and notification system.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

An IT strategy committee wants to evaluate how well the IT department supports the business strategy. Which of the following is the BEST method for making this determination?

A. IT controls assurance program

B. Customer survey analysis

C. Capability maturity assessment

D. IT balanced scorecard reporting

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

As a result of a new regulatory requirement, an enterprise's board has mandated that steps be taken to ensure related IT governance activities are performing as originally designed and are continuously improved. Which of the following is the BEST approach?

A. Require annual mapping of key IT governance processes

B. Conduct quarterly reviews of the enterprise business architecture

C. Mandate ongoing enterprise risk and control self-assessments (CSAs)

D. Engage periodic external audit reviews of IT governance processes

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

An enterprise is exploring a new business opportunity. Which of the following is the BEST way to help ensure related IT projects deliver the business requirements?

A. Implement stage-gate reviews that require business sign-off.

B. Hire a business consultant to manage the projects.

C. Focus on maturing processes and developing procedures.

D. Develop a policy to enforce the processes and procedures.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

A strategic IT-enabled investment is failing due to unforeseen technology problems. What should be the board of directors' FIRST course of action?

A. Revise the investment selection process.

B. Approve an investment budget increase.

C. Assess the business risk and options.

D. Terminate the investment.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：11

Which of the following is the BEST way to address the risk associated with new IT investments?

A. Establish an enterprise-wide incident response process.

B. Integrate security requirements at the beginning of projects

C. Develop security best practices to protect applications.

D. Implement an enterprise-wide security awareness program.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：12

An ongoing project is on track according to project plan. However, a recent regulation change will have a major impact to the project. The project sponsor's NEXT step should be to:

A. Rescope the project to remove work impacted by the regulation

B. Submit the project to the IT steering committee for reapproval

C. Seek exemption from the appropriate regulatory body

D. Perform an impact analysis and update the business case

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：13

A regulatory audit of an IT department has identified discrepancies between processes described in the procedures and what is actually done by system administrators.
The discrepancies were caused by recent IT application changes. Which of the following would be the BEST way to prevent the recurrence of similar findings in the future?

A. Include the update of documentation within the change management framework.

B. Assign the responsibility for periodic revisions and changes to process owners.

C. Require each IT employee to confirm compliance with IT procedures on an annual basis.

D. Establish high-level procedures to minimize process changes.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：14

Which of the following is the BEST way to implement effective IT risk management?

A. Adopt risk management processes.

B. Align with business risk management processes.

C. Minimize the number of IT risk management decision points.

D. Establish a risk management function.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：15

Which of the following should be the PRIMARY basis for establishing categories within an information classification scheme?

A. Information architecture

B. Information security policy

C. Business impact

D. Industry standards

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

CGEIT試験無料問題集「ISACA Certified in the Governance of Enterprise IT 認定」