An organization is analyzing the risk of shadow IT usage. Which of the following is the MOST important input into the assessment?

• A.Application-related expresses
• B.Classification of the data
• C.Business benefits of shadow IT
• D.Volume of data

Comment: *

Name: *

Email: *

Verification: *

Which of the following BEST confirms the existence and operating effectiveness of information systems controls?

• A.First-hand direct observation of the controls in operation
• B.Self-assessment questionnaires completed by management
• C.Review of internal audit and third-party reports
• D.Management review and sign-off on system documentation

Comment: *

Name: *

Email: *

Verification: *

To help ensure the success of a major IT project, it is MOST important to:

• A.obtain approval from business process owners
• B.obtain the appropriate stakeholders' commitment
• C.update the risk register on a regular basis
• D.align it with the organization's strategic plan

Comment: *

Name: *

Email: *

Verification: *

A data processing center operates in a jurisdiction where new regulations have significantly increased penalties for data breaches. Which of the following elements of the risk register is MOST important to update to reflect this change?

• A.Risk impact
• B.Risk trend
• C.Risk appetite
• D.Risk likelihood

Comment: *

Name: *

Email: *

Verification: *

You are the project manager of GHT project. You have applied certain control to prevent the unauthorized changes in your project. Which of the following control you would have applied for this purpose?

• A.Personnel security control
• B.Access control
• C.Configuration management control
• D.Physical and environment protection control

Comment: *

Name: *

Email: *

Verification: *