Exam CGEIT topic 1 question 69 discussion

Actual exam question from Isaca's CGEIT
Question #: 69
Topic #: 1

Following a major IT incident that resulted in a loss to the enterprise, a CIO is preparing for a meeting with the board of directors to discuss what may have failed internally. Which of the following should the CIO do FIRST to provide assurance to the board?

  • A. Review the IT control environment.
  • B. Ensure IT and enterprise risk management alignment.
  • C. Review the incident response policy.
  • D. Verify continuous monitoring is being performed.
Suggested Answer: A 🗳️

Comments

ARaghunanan
2 months, 1 week ago
Selected Answer: A
The IT Control environment provides a broader assessment of the internal controls, including the overall governance, risk management, and control mechanisms.
upvoted 1 times
...
shiowbah
7 months, 1 week ago
A. Review the IT control environment.
upvoted 1 times
shiowbah
7 months, 1 week ago
C. Review the incident response policy.
upvoted 1 times
...
...
SuperMax
8 months, 1 week ago
Selected Answer: C
C. Review the incident response policy. The first step the CIO should take to provide assurance to the board of directors after a major IT incident is to review the incident response policy. This policy outlines the procedures and protocols for responding to IT incidents, including how incidents are detected, reported, escalated, investigated, and resolved. By reviewing the incident response policy, the CIO can assess whether the existing procedures were followed appropriately during the incident and identify any gaps or weaknesses that may have contributed to the incident or hindered its resolution. This information will be crucial for the CIO to provide assurance to the board that the organization has adequate processes in place to manage IT incidents effectively and mitigate future risks.
upvoted 2 times
...
Broesweelies
1 year, 1 month ago
Selected Answer: A
The first step for the CIO should be to review the IT control environment to identify what controls failed and why the incident occurred. This review will provide the necessary information to assure the board about the internal state of IT and what measures are being taken to prevent future incidents.
upvoted 2 times
...
Frank1480
1 year, 5 months ago
To provide assurance to the board of directors following a major IT incident, the FIRST action the CIO should take is: C. Review the incident response policy. Here's why: Review the incident response policy: After a major IT incident, it is crucial to review the incident response policy to assess its effectiveness in addressing and mitigating similar incidents in the future. By reviewing the policy, the CIO can evaluate whether it was followed appropriately during the incident, identify any gaps or deficiencies, and propose necessary improvements. This step demonstrates the CIO's proactive approach in addressing the incident and ensures that the incident response policy is robust and aligned with the enterprise's needs.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other