An organization has decided to integrate IT risk with the enterprise risk management (ERM) framework. The FIRST step to enable this integration is to establish:

• A.a common risk management taxonomy.
• B.a common risk organization.
• C.common key risk indicators (KRIs).
• D.common risk mitigation strategies.

Comment: *

Name: *

Email: *

Verification: *

Which volume provides guidance on clarification and prioritization of service-provider investments in services?

• A.Service Management
• B.Service Design
• C.Service Operation
• D.Service Strategy

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY reason for implementing an IT governance program in an enterprise is to

• A.comply with regulatory requirements
• B.reduce risks due to improved compensating controls.
• C.decrease the scale of investment in information systems due to budgetary controls.
• D.balance the demand for information and the ability to deliver.

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be the PRIMARY governance objective for selecting key risk indicators (KRIs) related to legal and regulatory compliance?

• A.Identifying the risk of noncompliance
• B.Ensuring the effectiveness of IT compliance controls
• C.Demonstrating sound risk management practices
• D.Measuring IT alignment with enterprise risk management (ERM)

Comment: *

Name: *

Email: *

Verification: *

CORRECT TEXT
Fill in the blank with the appropriate word. An ___________ is a resource, process, product, computing infrastructure, and so forth that an organization has determined must be protected.

Comment: *

Name: *

Email: *

Verification: *