Which of the following best describes the identification, analysis, and ranking of risks?

• A.Fixed-price contracts
• B.Design of experiments
• C.Fast tracking
• D.Plan Risk management

Comment: *

Name: *

Email: *

Verification: *

Senior management is concerned about an increase in cybersecurity risk to the enterprise. Which of the following would be MOST helpful in establishing an early warning system to determine which potential threats should be escalated to senior management?

• A.Agreed-upon risk thresholds
• B.Patch management logs
• C.Key performance indicators (KPIs)
• D.A risk appetite statement

Comment: *

Name: *

Email: *

Verification: *

An IT governance committee is defining a risk management policy for a portfolio of !T-enabled investments Which of the following should be the PRIMARY consideration when developing the policy?

• A.Value obtained with minimum risk
• B.Possible investment failures
• C.Risk management framework
• D.Risk appetite of the enterprise

Comment: *

Name: *

Email: *

Verification: *

Two large financial institutions with different corporate cultures are engaged in a merger. From a governance perspective, which of the following should be the GREATEST concern?

• A.Technology infrastructure
• B.Combined cost of operations
• C.Risk appetite
• D.Enterprise architecture (EA) integration

Comment: *

Name: *

Email: *

Verification: *

A new and expanding enterprise has recently received a report indicating 90% of its data has been collected in just the last six months, triggering data breach and privacy concerns. What should be the IT steering committee's FIRST course of action to ensure new data is managed effectively?

• A.Modify legal and regulatory data requirements.
• B.Define data protection and privacy practices.
• C.Assess the information governance framework.
• D.Mitigate and track data-related issues and risks.

Comment: *

Name: *

Email: *

Verification: *