Question 1

An audit report has revealed that data scientists are analyzing sensitive "big data" files using an offsite cloud because corporate servers do not have the necessary processing capabilities. A review of policies indicates this practice is not prohibited. Which of the following should be the FIRST strategic action to address the report?

Options :

A : Authorize a risk analysis of the practice.

B : Update data governance practices.

C : Revise the information security policy.

D : Recommend the use of a private cloud.

Answer: A

Question 2

Which of the following BEST reflects the ethical values adopted by an IT organization?

Options :

A : IT principles and policies

B : IT balanced scorecard

C : IT governance framework

D : IT goals and objectives

Answer: A

Question 3

To develop appropriate measures to improve organizational performance, the measures MUST be:

Options :

A : a result of benchmarking and comparative analysis.

B : accepted by and meaningful to the stakeholders.

C : based on existing and validated data sources.

D : approved by the IT steering committee.

Answer: B

Question 4

Best practice states that IT governance MUST:

Options :

A : enforce consistent policy across the enterprise.

B : be applied in the same manner throughout the enterprise.

C : apply consistent target levels of maturity to processes.

D : be a component of enterprise governance.

Answer: D

Question 5

Which of the following would be of MOST concern regarding the effectiveness of risk management processes?

Options :

A : Key risk indicators (KRIs) are not established.

B : Risk management requirements are not included in performance reviews.

C : The plans and procedures are not updated on an annual basis.

D : There is no framework to ensure effective reporting of risk events.

Answer: D