[2024年06月15日] 合格させるCGEITレビューガイド、信頼され続けるCGEITテストエンジン [Q44-Q63]

Share

[2024年06月15日] 合格させるCGEITレビューガイド、信頼され続けるCGEITテストエンジン

CGEITテストエンジン練習テスト問題、試験問題集


ISACA CGEIT(Enterprise ITのガバナンスで認定されている)試験は、組織のITシステムとプロセスがビジネスの全体的な目標と目的と一致することを保証する責任を負うITプロフェッショナル向けに設計されています。 CGEIT認定は世界中で認識されており、ITガバナンスの専門家のベンチマークと見なされています。この認定は、ITガバナンス、リスク管理、コンプライアンスの分野における個人の専門知識と知識の検証です。


CGEIT試験は、ITガバナンスフレームワーク、戦略的マネジメント、リスクマネジメント、ITリソースマネジメントなどのトピックをカバーしています。候補者は、試験ドメインの1つ以上での経験を含む、ITガバナンスにおける最低5年の経験が必要です。試験は4時間で、150の多肢選択問題から構成されています。候補者は、800点中450点以上の最低スコアを達成する必要があります。

 

質問 # 44
Which of the following roles is directly responsible for information quality?

  • A. Information steward
  • B. Information custodian
  • C. Information owner
  • D. Information analyst

正解:A

解説:
This is because an information steward is a person or group who is accountable for the quality, integrity, and usability of the information assets within a specific domain or function1. The responsibilities of an information steward include the following1:
Defining and enforcing data quality standards, policies, and procedures Monitoring and measuring data quality performance and outcomes Identifying and resolving data quality issues and errors Collaborating with data owners, custodians, analysts, and users to ensure data quality alignment and improvement Educating and training data stakeholders on data quality best practices and tools An information steward plays a key role in ensuring that the information assets are accurate, complete, consistent, reliable, and fit for purpose1.
The other options, information custodian, information analyst, and information owner are not directly responsible for information quality. They are more involved in the creation, storage, access, and use of information assets, rather than their quality2. They may also have different perspectives and interests than the information steward regarding the information quality. For example, the information custodian may focus on the security and availability of information assets, while the information analyst may focus on the analysis and interpretation of information assets. The information owner may focus on the value and benefits of information assets. Therefore, they may not have the same authority or responsibility as the information steward for ensuring information quality. := What Is an Information Steward? | Informatica, Data Roles: Data Owner vs Data Steward vs Data Custodian


質問 # 45
An IT strategy committee wants to ensure that a risk program is successfully implemented throughout the enterprise. Which of the following would BEST support this goal?

  • A. A risk recognition and reporting policy
  • B. A risk management framework
  • C. Mandatory risk awareness courses for staff
  • D. Commitment from senior management

正解:D


質問 # 46
Which of the following is MOST important to include in the customer dimension of an IT balanced scorecard?

  • A. Maintenance of IT operations
  • B. Business value creation
  • C. Support for corporate customers
  • D. Stakeholder satisfaction

正解:D


質問 # 47
An enterprise is planning a transformation initiative by leveraging emerging technology that will have a significant impact on existing products and services Which of the following is the BEST way for IT to prepare for this change?

  • A. Procure appropriate resources to support emerging technology
  • B. Assess the impact on the existing IT strategy
  • C. Use a balanced scorecard to measure IT outcomes.
  • D. Analyze emerging technology products and related training needs.

正解:C


質問 # 48
An enterprise has committed to the implementation of a new IT governance model. The BEST way to begin this implementation is to:

  • A. identify the role of IT in supporting the business.
  • B. prioritize how much and where to invest in IT.
  • C. identify IT services that currently support the enterprise's capability.
  • D. define policies for data, applications, and organization of infrastructure.

正解:A

解説:
The first step in implementing a new IT governance model is to identify the role of IT in supporting the business, which means clarifying the vision, mission, goals, and strategies of the enterprise and how IT can enable and align with them. This step helps to establish the business value and direction of IT, as well as the expectations and responsibilities of the stakeholders involved. It also helps to define the scope and boundaries of IT governance, and to identify the key issues and challenges that need to be addressed. Identifying the role of IT in supporting the business is a prerequisite for the other steps, such as identifying IT services, defining policies, and prioritizing investments, which are based on the business needs and objectives. References:
CGEIT Exam Content Outline | ISACA1, CGEIT Review Manual (Digital Version), 5 Steps to Create a Governance Model to Become an IT Genius in Healthcare2


質問 # 49
The CIO of a global technology company is considering introducing a bring your own device (BYOD) program. What should the CIO do FIRST?

  • A. Establish a business case.
  • B. Focus on securing data and access to data.
  • C. Define a clear and inclusive BYOD policy.
  • D. Ensure the infrastructure can meet BYOD requirements.

正解:A


質問 # 50
Which of the following would a CIO use to present the overall view of IT performance to the board of directors?

  • A. Key risk indicators (KRIS)
  • B. Balanced scorecard
  • C. Key performance indicators (KPIs)
  • D. Maturity model

正解:D


質問 # 51
Which of the following is MOST important to review during IT strategy development?

  • A. Data flows that indicate areas requiring IT support
  • B. Industry best practices
  • C. Current business environment
  • D. IT balanced scorecard

正解:C


質問 # 52
Which of the following is the BEST way for a CIO to assess the consistency of IT processes against industry benchmarks to determine where to focus improvement initiatives?

  • A. Evaluating the current balanced scorecard
  • B. Reviewing key performance measures
  • C. Utilizing a capability maturity model
  • D. Reviewing IT process audit results

正解:C

解説:
Utilizing a capability maturity model is the best way for a CIO to assess the consistency of IT processes against industry benchmarks and determine where to focus improvement initiatives. Capability maturity models provide a structured framework for evaluating the maturity of an organization's processes in comparison to industry best practices. This approach helps identify areas of strength and opportunities for improvement, guiding strategic decisions on where to allocate resources for process enhancements. While balanced scorecards, key performance measures, and IT process audit results are useful, a capability maturity model offers a comprehensive assessment specifically designed for process improvement.


質問 # 53
A business is considering a policy to anonymize personal data in enterprise systems. Before making a decision, which of the following is MOST important for the IT steering committee to consider?

  • A. Business impact analysis (BIA) results
  • B. Sustainability costs to the enterprise
  • C. Potential implementation barriers
  • D. Regulatory requirements

正解:D


質問 # 54
An enterprise has a large backlog of IT projects. The current strategy is to execute projects as they are submitted, but executive management does not believe this method is optimal. Which of the following is the MOST important action to address this concern?

  • A. Establish a performance dashboard that determines business value.
  • B. Create a combined business/IT committee to determine project prioritization.
  • C. Implement a methodology to prioritize projects based on resource availability.
  • D. Implement stage-gating to determine the value of each project.

正解:C

解説:
The most important action to address the concern of executive management about the current strategy of executing projects as they are submitted is to create a combined business/IT committee to determine project prioritization. This action will help to ensure that the IT projects are aligned with the enterprise's objectives, strategies, and values, and that they deliver the highest value and impact to the business and the customers. A combined business/IT committee can also facilitate the communication, collaboration, and coordination among the stakeholders involved in the IT projects, and resolve any conflicts or issues that may arise. A combined business/IT committee can use various project prioritization methods, such as scoring models, prioritization matrices, payback periods, or portfolio dashboards, to evaluate and rank the IT projects based on criteria such as business value, urgency, feasibility, risk, and resource availability


質問 # 55
The testing methods help in shaping opinion against assurance objectives by combining one or more of the test types. Which of the following are the test types used in this process? Each correct answer represents a complete solution. Choose all that apply.

  • A. Observe
  • B. Inspect
  • C. Inquire
  • D. Plan

正解:A、B、C


質問 # 56
Which of the following resource categories includes skill sets, certifications, productivity, and morale?

  • A. People
  • B. Processes
  • C. Products
  • D. Partners

正解:A


質問 # 57
An enterprise is planning a change in business direction. As a result, IT risk will significantly increase. Which of the following should be the GO'S FIRST course of action?

  • A. Implement IT changes to align with the plan.
  • B. Recommend delaying the business change.
  • C. Report the risk to executive management
  • D. Plan for the corresponding IT reorganization.

正解:C

解説:
The CIO's first course of action should be to report the risk to executive management, as they are ultimately responsible for the strategic direction and risk appetite of the enterprise. Reporting the risk will help to ensure that executive management is aware of the potential impact and consequences of the change in business direction, and that they can make informed decisions about how to proceed. Reporting the risk will also help to establish a clear communication channel and a collaborative relationship between the IT function and the business function, which are essential for effective IT governance and risk management.
Recommending delaying the business change is not the first course of action, as it may not be feasible or desirable for the enterprise. The CIO should not interfere with the business objectives or priorities without first understanding the rationale and expectations of executive management. The CIO should also not assume that the risk is unacceptable or unmanageable without conducting a proper risk assessment and analysis.
Implementing IT changes to align with the plan is not the first course of action, as it may be premature or inappropriate for the IT function to act on the change in business direction without first consulting with executive management and other stakeholders. The CIO should not initiate or approve any IT changes without first understanding the scope, requirements, benefits, and risks of the change, and without following the established change management process and procedures.
Planning for the corresponding IT reorganization is not the first course of action, as it may be unnecessary or counterproductive for the IT function to restructure its resources, roles, and responsibilities without first communicating with executive management and other stakeholders. The CIO should not assume that the change in business direction will require a major IT reorganization without first evaluating the current and future state of the IT environment, and without considering the impact on the IT performance, efficiency, and effectiveness.
References := IT Risk Resources | ISACA, Risk Management Best Practices section. IT Risk Management Process & Frameworks - ProjectManager, How to Manage Risk in IT section. Complete Guide to IT Risk Management | CompTIA, How to Implement an Effective Risk Management Strategy section. IT Risk Management Best Practices | Risk Management Strategies, Continuous Evaluation section. 6 Best Practices in Cybersecurity Risk Management - Indusface, Communication of Risks section.


質問 # 58
An enterprise is initiating efforts to improve system availability to mitigate IT risk to the business. Which of the following results would be MOST important to report to the CIO to measure progress?

  • A. Financial losses and bad press releases
  • B. Customer and stakeholder complaints over time
  • C. Probability and seventy of each IT risk
  • D. Incident severity and downtime trend analysis

正解:D

解説:
Incident severity and downtime trend analysis is the most important result to report to the CIO to measure progress in improving system availability to mitigate IT risk to the business, because it directly reflects the impact and frequency of system failures or disruptions on the business operations, processes, and functions.
By analyzing the severity and duration of incidents over time, the CIO can evaluate the effectiveness of the IT risk management and system availability strategies, and identify any gaps, issues, or opportunities for improvement. Incident severity and downtime trend analysis can also help the CIO to communicate the value and performance of the IT risk management and system availability initiatives to the business stakeholders, and justify any further investment or action required to achieve the desired outcomes.
The other options are not as important as incident severity and downtime trend analysis, because they are either too indirect or too subjective to measure progress in improving system availability to mitigate IT risk to the business. Probability and severity of each IT risk is a useful input for IT risk management, but it does not necessarily reflect the actual occurrence or impact of system failures or disruptions on the business1. Financial losses and bad press releases are possible consequences of system failures or disruptions, but they may not capture the full extent or root causes of the IT risk to the business2. Customer and stakeholder complaints over time are indicators of customer satisfaction and loyalty, but they may not be reliable or consistent measures of system availability or IT risk to the business


質問 # 59
From an IT governance perspective, establishing performance measurements is PRIMARILY the responsibility of:

  • A. the board of directors.
  • B. senior management.
  • C. enterprise risk management (ERM).
  • D. the IT architecture review board.

正解:A


質問 # 60
Which of the following areas addresses the safeguarding of IT assets, disaster recovery and continuity of operations?

  • A. Performance measurement
  • B. Value delivery
  • C. Risk management
  • D. Strategic alignment

正解:C


質問 # 61
Which of the following are the roles of a CEO in the Resource management framework?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Organizing and facilitating IT strategic implementations
  • B. Overseeing the aggregate IT funding
  • C. Establishment of business priorities & allocation of resources for IT performance
  • D. Capitalization on knowledge & information

正解:A、C、D


質問 # 62
An enterprise has identified potential environmental disasters that could occur in the area where its data center is located. Which of the following should be done NEXT?

  • A. Assess the likelihood and impact on the data center.
  • B. Relocate the data center to minimize the threat.
  • C. Implement an early warning detection and notification system.
  • D. Assess how the data center is protected against the threat.

正解:A


質問 # 63
......


ISACA CGEIT 資格試験は、個人のITガバナンスにおける専門性を示すグローバルな認定資格です。この試験は、5つの主要なドメインをカバーし、ITガバナンスのフレームワーク、リスク管理、リソース配分に対する候補者の理解をテストします。試験を受験するためには、候補者は少なくとも5年間のITガバナンスの経験を持ち、包括的な試験に合格する必要があります。試験に合格し、CGEIT 資格認定を取得することは、ITガバナンスの分野における優れた信頼性と専門性を示すものです。

 

100%無料CGEIT日常練習試験には565問があります:https://jp.fast2test.com/CGEIT-premium-file.html

CGEIT試験資料ISACA学習ガイド:https://drive.google.com/open?id=1Szh7t8Lw-NH6huF_kraBtxj07v22aR5l


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어