IT Governance

Question 1

How leadership accomplishes the delivery of mission-critical business capabilities using IT strategies, goals, and objectives:

Answer 1

IT Governance

Question 2

7 elements of IT Governance:

Answer 2

Availability, architecture, metadata, policy, quality, regulatory compliance and privacy, and security

Question 3

What three organizations issue guidance and best privatizes for establishing effective IT governance?

Answer 3

COSO’s internal control integrated framework
ISACA’s controls objectives for information and related technology (COBIT) framework
Axelo’s information technology infrastructure library (ITIL) framework

Question 4

COSO internal control integrated framework has to categories that pertain specifically to internal control over IT, they are:

Answer 4

Control activities

Information and communication

Question 5

ISACA’s COBIT framework distinguishes between governance and management objectives. Governance objectives are all in a single domain that is centered on evaluating, directing, and monitoring. Managements are grouped how?

Answer 5

Into 4 domains tat focus on supporting activities, integrating IT solutions into business processes, delivering IT services securely, and monitoring IT task performances with internal targets.

Question 6

The ITIL framework focuses on delivering IT services across what four domains?

Answer 6

Organizations & people
Information & technology
Partners & suppliers
Value streams & processes

Question 7

IT governance should support what? And vice versa

Answer 7

Organizational objectives

Question 8

Aligning the corporate strategy objectives with this will optimize and organizations efforts in achieving those objectives.

Answer 8

IT strategy

Question 9

What IT factors might impact the company’s corporate strategy?

Answer 9

Available IT personnel
Network design - (decentralized or centralized network)
Cybersecurity
Network design - (physical or virtual network)
Disaster recovery & business continuity

Question 10

Who are the decision makers and drivers of the way IT governance is structured?

Answer 10

The people within an organization

BOD, Executive Management, Middle Management, Accountants, IT staff, External Stakeholders, End users

Question 11

Performs oversight that IT is supporting the business strategy and operational needs

Answer 11

Board of Directors

Question 12

Make key strategic decisions and responsible for ensuring IT governance structure is in place and effective. Also set a clear tone at the top.

Answer 12

Executive Management

Question 13

Responsible for carrying out governance policies and make sure subordinates are doing the same. Ensures IT projects have appropriate resources and support

Answer 13

Middle Management

Below Exec management, but above end users

Question 14

Responsible for daily planning of IT governance policies and/or carrying out these policies; design no maintain a company’s network; firs response when end users have IT problems; and ensure safe and secure use of IT assets.

Answer 14

IT support staff

Question 15

Much of the data they handle is confidential. They act as stewards of accounting information systems, members of project development teams, and test a lot of IT systems

Answer 15

Accountants

Question 16

Everybody else that uses the IT systems. Responsible for following processes that have been established within the IT governance structure.

Answer 16

End users

Question 17

The two process groups within IT governance execution is:

Answer 17

Project development team

Steering committee

Question 18

Management, IT system personnel, accountants, and system users form a team responsible for project monitoring, managing human elements, communicate, and manage risk and escalate issues that cannot be resolved within the team for new IT projects:

Answer 18

Project development teams

Question 19

Consists of high level management and executives, experts, IT development heads, and other people in authoritative positions that develop and communicate strategize goals, review budgets budgets and allocate costs, provide ongoing guidance, ensure management participation, and monitor project development progress:

Answer 19

Steering committees

Question 20

Identifies how quickly essential business units or processes can return to full operation following a disaster. Also identifies the resources required to resume business operations.

Answer 20

Business impact analysis

Question 21

What are the steps in assessing risk in IT:

Answer 21

Identify IT resources and assets that exist
Evaluate the impact and likelihood of risk
Evaluate outcomes
Implement a response

Question 22

Determines the criteria for categorizing the list of information resources as high, moderate or low related to the effect on day to day operations. Criteria include characteristics such as how critical the asset is to business operations, costs of a failure, publicity, an any legal or ethical issues.

Answer 22

Impact

Question 23

Under this impact:
The company cannot operate without it, high recover costs, the company may fail to meet objectives or maintain its reputation

Answer 23

High impact

Question 24

Under this impact:
The company could partially function temporarily, some costs of recovery, the company may fail to meet objectives or maintain its reputation.

Answer 24

Moderate impact

Question 25

Under this impact:
The company could operate for an extended period of time, or may notice an effect on achieving the organizations objectives or an effect on its reputation

Answer 25

Low impact

Question 26

Under this likelihood:

The risk is highly probably, has occurred recently, can occur frequently, or controls o prevent it are ineffective

Answer 26

High likelihood

Question 27

Under this likelihood:

The risk could occur, but controls are in place that may impede its vulnerability

Answer 27

Medium likelihood

Question 28

Under this likelihood:

The risk is improbable, or controls are in place to prevent or significantly impede vulnerability

Answer 28

Low likelihood