← Back to exam page

CGEIT Certified in the Governance of Enterprise IT

Loading demo links...

Showing 19–20 of 20 questions

Question 19

Which of the following should be done FIRST when defining responsibilities for ownership of information and systems?

Select an option, then click Submit answer.

  • Require an inventory of information assets.

  • Identify systems that are outsourced.

  • Require an information risk assessment.

  • Ensure information is classified.

Question 20

An enterprise's board of directors can BEST manage enterprise risk by:

Select an option, then click Submit answer.

  • mandating board-approved enterprise risk management (ERM) modifications.

  • requiring the establishment of an enterprise-wide program management office.

  • ensuring the cost-effectiveness of the internal control system.

  • requiring the establishment of an enterprise risk management (ERM) framework.