Which of the following would a CIO use to present the overall view of IT performance to the board of directors?
Correct Answer: C
Question 47
An enterprise has decided to create its first mobile application. The IT director is concerned about the potential impact of this initiative. Which of the following is the MOST important input for managing the risk associated with this initiative?
Correct Answer: A
Question 48
The board of directors of an enterprise has questioned whether the business is focused on optimizing value. The IT strategy committees' BEST action to address the board's concern is to:
Correct Answer: B
This is because a portfolio review is a process of evaluating the performance and value of IT investments in relation to the business objectives and strategy. A portfolio review can help to identify the alignment, contribution, and optimization of IT investments, as well as the risks, issues, and opportunities for improvement. A portfolio review can also help to communicate and demonstrate the value of IT to the board and other stakeholders, as well as to support decision-making and prioritization of IT resources. Some of the sources that support this answer are: * 1: This source explains the value of IT governance and how it can help to optimize risk and manage resources to support the organization's mission, goals, and objectives. It also discusses some of the governance enablers, such as principles, processes, and policies, that can help to align IT with the business context. * 2: This source provides a research-based methodology to improve IT governance and drive business results. It suggests that conducting a portfolio review is one of the steps to redesign the governance framework and ensure that IT investments are aligned with the business strategy and deliver value. * 3: This source defines IT portfolio management as a discipline that enables organizations to manage their IT investments as a collection of projects, programs, and services that contribute to the enterprise's strategic goals. It also describes some of the benefits of IT portfolio management, such as improving alignment, optimizing value, reducing risk, and enhancing transparency.
Question 49
An enterprise has decided to adopt cloud services. Which of the following should be established FIRST?
Correct Answer: C
Before adopting cloud services, it is critical to establish the organization's risk tolerance levels. This ensures that decisions regarding the use of cloud services align with the enterprise's ability and willingness to accept risk, such as data exposure or operational disruptions. Risk tolerance informs the creation of SLAs, third-party management frameworks, and BCPs, making it a foundational step. References: ISACA Cloud Computing Governance guidelines, CGEIT Exam Manual.
Question 50
An enterprise is determining the objectives for an IT training improvement initiative from a governance prosected. it would be MOST important to ensure that:
Correct Answer: A
An enterprise is determining the objectives for an IT training improvement initiative from a governance perspective. Governance is the process of decision-making and implementation that involves various actors and structures, both formal and informal1. Governance aims to achieve good governance, which is characterized by participation, consensus, accountability, transparency, responsiveness, effectiveness, efficiency, equity, inclusion, and rule of law2. Therefore, it would be most important to ensure that the policies and processes for IT training address both the enterprise requirements and the professional growth of the IT employees. This would ensure that the IT training is aligned with the strategic goals and priorities of the enterprise, as well as the needs and expectations of the IT staff. It would also foster a culture of learning and development that enhances the performance, quality, and value of IT services345. The other options are not the most important objectives for an IT training improvement initiative from a governance perspective. Identifying courses of instruction that will maximize employee productivity, creating several different training strategies for final approval by the CIO, and surveying and interviewing IT employees to identify development needs are all useful steps or methods for designing and implementing an IT training improvement initiative, but they are not the ultimate objectives or outcomes. They are subordinate or instrumental to the main objective of addressing both the enterprise requirements and the professional growth of the IT employees through policies and processes that reflect good governance principles345. References: 3: https://topworkplaces.com/improving-training-and-development-strategies/ 4: https://shrm.org/ResourcesAndTools/hr-topics/organizational-and-employee-development/Pages/Key- Steps-for-Better-Training-Development-Programs.aspx 5: https://www.forbes.com/sites/forbeshumanresourcescouncil/2021/07/13/12-ways-to-implement-successful- employee-training-initiatives/ 1: https://link.springer.com/article/10.1007/s40647-017-0197-4 2: https://www.unescap.org/sites/default/files/good-governance.pdf
