Before designing an enterprise IT governance system, an organization should FIRST review and understand:

• A.current IT-related issues.
• B.the enterprise's risk profile.
• C.the enterprise's strategy.

Comment: *

Name: *

Email: *

Verification: *

Who is responsible for the oversight of structures and mechanisms that drive enterprise governance of information and technology (EGIT)?

• A.Individual business units
• B.External regulators
• C.The board

Comment: *

Name: *

Email: *

Verification: *

How do the assigned capability levels in the COBIT core model facilitate the achievement of the different capability levels?

• A.By setting performance metrics for enabler goals
• B.By defining organizational structure with specific roles and responsibilities
• C.By providing clear definition of the processes and required activities

Comment: *

Name: *

Email: *

Verification: *

Which of the following functions would be responsible for executing a contract that retains independent legal consultants to review the level of regulatory compliance of a proposed IT solution?

• A.Procurement office
• B.l&T security
• C.Executive leadership team
• D.Legal office

Comment: *

Name: *

Email: *

Verification: *

Which of the following components should be considered for inclusion when considering the threat landscape design factor?

• A.Compliance and assurance capabilities
• B.Impact and probability levels
• C.Information flows including security policy
• D.Information security focus areas

Comment: *

Name: *

Email: *

Verification: *