Following a major IT incident that resulted in a loss to the enterprise, a CIO is preparing for a meeting with the board of directors to discuss what may have failed internally. Which of the following should the CIO do FIRST to provide assurance to the board?

• A.Ensure IT and enterprise risk management alignment.
• B.Review the IT control environment.
• C.Review the incident response policy.
• D.Verify continuous monitoring is being performed.

Comment: *

Name: *

Email: *

Verification: *

Which of the following risks refers to the risk associated with an event in the absence of specific controls?

• A.Operational risk
• B.Inherent risk
• C.Compliance risk
• D.Financial reporting risk

Comment: *

Name: *

Email: *

Verification: *

You are the project manager of a large construction project. You are evaluating the strengths, weaknesses, opportunities, and threats involved in a project. In which of the following processes are you on?

• A.Plan Risk Responses
• B.Identify Risks
• C.Define Scope
• D.Plan Risk Management

Comment: *

Name: *

Email: *

Verification: *

Acceptance of an enterprise's newly implemented IT governance initiatives has been resisted by a functional group requesting more autonomy over technology choices. Which of the following is MOST important to accommodate this need for autonomy?

• A.Documentation of key management practices
• B.Continuous improvement processes
• C.An exception management process
• D.A change control process

Comment: *

Name: *

Email: *

Verification: *

Which of the following BEST facilitates the standardization of IT vendor selection?

• A.Cost-benefit analysis
• B.Service level agreements (SLAs)
• C.Contract management office
• D.Procurement framework

Comment: *

Name: *

Email: *

Verification: *