Limited-Time Offer: Enjoy 60% Savings! - Ends In 0d 00h 00m 00s Coupon code: 60OFF
Welcome to QA4Exam
Logo

- Trusted Worldwide Questions & Answers
Mail Us support@qa4exam.com
0
Menu

Most Recent Isaca CGEIT Exam Questions & Answers


Prepare for the Isaca Certified in the Governance of Enterprise IT exam with our extensive collection of questions and answers. These practice Q&A are updated according to the latest syllabus, providing you with the tools needed to review and test your knowledge.

QA4Exam focus on the latest syllabus and exam objectives, our practice Q&A are designed to help you identify key topics and solidify your understanding. By focusing on the core curriculum, These Questions & Answers helps you cover all the essential topics, ensuring you're well-prepared for every section of the exam. Each question comes with a detailed explanation, offering valuable insights and helping you to learn from your mistakes. Whether you're looking to assess your progress or dive deeper into complex topics, our updated Q&A will provide the support you need to confidently approach the Isaca CGEIT exam and achieve success.

The questions for CGEIT were last updated on Dec 21, 2024.
  • Viewing page 1 out of 116 pages.
  • Viewing questions 1-5 out of 578 questions
Get All 578 Questions & Answers
Question No. 1

The BEST way for a CIO to monitor the alignment between the business and IT strategy is to regularly review

Show Answer Hide Answer
Correct Answer: C

The best way for a CIO to monitor the alignment between the business and IT strategy is to regularly review the balanced scorecard. The balanced scorecard is a strategic management tool that helps to measure and communicate the performance of an organization in relation to its vision, mission, goals, and objectives.The balanced scorecard uses four perspectives: financial, customer, internal process, and learning and growth, to evaluate how well the organization is achieving its desired outcomes and creating value for its stakeholders1.The balanced scorecard can also help to align the IT strategy with the business strategy by linking the IT objectives, initiatives, and measures with the business objectives, initiatives, and measures across the four perspectives2. By reviewing the balanced scorecard regularly, the CIO can monitor the progress and results of the IT strategy, identify the gaps and issues that need to be addressed, and ensure that the IT strategy is supporting and enabling the business strategy.According to COBIT 5, one of the seven enablers of IT governance is performance management, which includes using the balanced scorecard to align IT-related goals and metrics with enterprise goals and metrics3.The balanced scorecard is also part of the IT governance domain 5: Performance Measurement4.

The other options are not the best ways for a CIO to monitor the alignment between the business and IT strategy. Key risk indicators (KRIs) are metrics that indicate the level of risk exposure or potential impact of a risk event on an organization. KRIs can help to monitor and manage IT risks, but they do not necessarily reflect the alignment of IT strategy with business strategy. IT services supporting business processes are the activities and functions that IT provides to enable and facilitate the execution of business processes. Reviewing IT services can help to evaluate the quality and efficiency of IT delivery, but they do not capture the strategic alignment of IT with business. The risk register is a document that records and tracks the identified risks, their causes, impacts, probabilities, responses, owners, and statuses.The risk register can help to document and communicate IT risks, but it does not measure or report the alignment of IT strategy with business strategy.Reference:=1: Balanced Scorecard Basics - Balanced Scorecard Institute12: Aligning Business Strategy with Information Technology Strategy - ISACA23: COBIT 5: A Business Framework for the Governance and Management of Enterprise IT, ISACA, page 314: CGEIT Review Manual 2023, ISACA, page 197.: Key Risk Indicators - ISACA3: What are IT Services?Definition & Examples - BMC Software4: Risk Register - ISACA


Question No. 2

An enterprise's information security function is making changes to its data retention and backup policies. Which of the following presents the GREATEST risk?

Show Answer Hide Answer
Correct Answer: A

Business data owners were not consulted is the answer that presents the greatest risk, as it implies that the information security function did not consider the needs, expectations, and requirements of the stakeholders who are responsible for the data.Business data owners should be involved in the development and implementation of data retention and backup policies, as they can provide input on the value, sensitivity, and classification of the data, as well as the legal and regulatory obligations for data preservation and protection12. Without consulting the business data owners, the information security function may create policies that are inconsistent, ineffective, or detrimental to the enterprise's objectives and operations.


Question No. 3

An enterprise's internal audit group has scheduled a control review of a payroll system project but has been told to wait until the system is implemented. Which of the following is the GREATEST risk associated with the delay?

Show Answer Hide Answer
Correct Answer: C

Delaying the control review of a payroll system project until after its implementation increases the risk of discovering control weaknesses or errors that could have been prevented or corrected earlier.This would result in increased cost to mitigate the deficiencies and ensure the system's reliability and compliance.Reference: CGEIT Domain 4: Risk Optimization

Topic 2, Exam pool B


Question No. 4

Which of the following is the BEST method for determining an enterprise's current appetite for risk?

Show Answer Hide Answer
Correct Answer: A

According to the CGEIT certification guide, the best method for determining an enterprise's current appetite for risk is interviewing senior management. This is because senior management is responsible for setting the risk appetite and tolerance of the enterprise, and for balancing the security and business needs. The risk appetite reflects the amount and type of risk that an organization is willing to take in order to meet their strategic objectives.Interviewing senior management can help to understand their perspectives, expectations, and preferences regarding risk taking1. The other options are less effective than option A, as they do not directly capture the senior management's input or risk-based decision making.Reference:= CGEIT certification guide, domain 3: Risk Optimization, section 3.1: Risk Governance, page 87.


Question No. 5

Which of the following would be the BEST way for an IT steering committee to monitor the adoption of a new enterprise IT strategy?

Show Answer Hide Answer
Correct Answer: A

The best way for an IT steering committee to monitor the adoption of a new enterprise IT strategy is to establish key performance indicators (KPIs), because they are metrics that measure the progress and achievement of the IT strategic objectives and goals, and provide feedback and guidance for improvement.KPIs can help the IT steering committee to track and evaluate the performance and outcomes of the IT function, and to ensure that the IT activities and resources are aligned with the business needs and expectations12.KPIs can also help to communicate and report the IT value delivery and innovation to the board and other stakeholders12.Reference:= ISACA, CGEIT Review Manual, 7th Edition, 2019, page 43-44.


Unlock All Questions for Isaca CGEIT Exam

Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits

Get All 578 Questions & Answers
Explore Other Isaca Exams