
CISA—Certified Information Systems Auditor - Part 194

Mary Smith

Thu, 16 Apr 2026


1. Effective IT governance will ensure that the IT plan is consistent with the organization's:

A) business plan.
B) audit plan.
C) security plan.
D) investment plan.



2. Establishing the level of acceptable risk is the responsibility of:

A) quality assurance management.
B) senior business management.
C) the chief information officer.
D) the chief security officer.



3. IT governance is PRIMARILY the responsibility of the:

A) chief executive officer.
B) board of directors.
C) IT steering committee.
D) audit committee.



4. As an outcome of information security governance, strategic alignment provides:

A) security requirements driven by enterprise requirements.
B) baseline security following best practices.
C) institutionalized and commoditized solutions.
D) an understanding of risk exposure.



5. Which of the following IT governance best practices improves strategic alignment?

A) Supplier and partner risks are managed.
B) A knowledge base on customers, products, markets and processes is in place.
C) A structure is provided that facilitates the creation and sharing of business information.
D) Top management mediates between the imperatives of business and technology.



1. Right Answer: A
Explanation: To govern IT effectively, IT and business should be moving in the same direction, requiring that the IT plans are aligned with an organization's business plans. The audit and investment plans are not part of the IT plan, while the security plan should be at a corporate level.

2. Right Answer: B
Explanation: Senior management should establish the acceptable risk level, since they have the ultimate or final responsibility for the effective and efficient operation of the organization. Choices A, C and D should act as advisors to senior management in determining an acceptable risk level.

3. Right Answer: B
Explanation: IT governance is primarily the responsibility of the executives and shareholders (as represented by the board of directors). The chief executive officer is instrumental in implementing IT governance per the directions of the board of directors. The IT steering committee monitors and facilitates deployment of IT resources for specific projects in support of business plans. The audit committee reports to the board of directors and should monitor the implementation of audit recommendations.

4. Right Answer: A
Explanation: Information security governance, when properly implemented, should provide four basic outcomes: strategic alignment, value delivery, risk management and performance measurement. Strategic alignment provides input for security requirements driven by enterprise requirements. Value delivery provides a standard set of security practices, i.e., baseline security following best practices or institutionalized and commoditized solutions. Risk management provides an understanding of risk exposure.

5. Right Answer: D
Explanation: Top management mediating between the imperatives of business and technology is an IT strategic alignment best practice. Supplier and partner risks being managed is a risk management best practice. A knowledge base on customers, products, markets and processes being in place is an IT value delivery best practice. An infrastructure being provided to facilitate the creation and sharing of business information is an IT value delivery and risk management best practice.
