Isaca Updated CGEIT Exam Questions and Answers by dalia

Key performance indicators (KPIs) are measurable values that demonstrate how effectively an organization is achieving its key business objectives1. KPIs help to track and evaluate the progress and success of a strategy, and to communicate the results to the relevant stakeholders2. Once the strategic vision has been established, identifying KPIs would be the best activity for supporting the implementation of performance measures, because they provide a clear and quantifiable way to measure the performance of the strategy against the vision3. KPIs should be aligned with the strategic vision, relevant to the business context, specific, measurable, achievable, realistic, and time-bound4.

References :=

• What is a Key Performance Indicator (KPI)? | Klipfolio
• Key Performance Indicators (KPIs) - Definition, Types & Examples
• How to Develop Key Performance Indicators - Strategy Management Group
• How to Set SMART KPIs for Your Business - The Balance Small Business

Information ownership is the assignment of roles and responsibilities for data protection to individuals or groups within the organization. Information owners are accountable for ensuring that data is properly classified, secured, and used in accordance with the organization’s policies and standards. Information ownership facilitates governance oversight of data protection measures by providing clear lines of authority and accountability for data assets. References:

• ISACA CGEIT Review Manual 2021, page 86: “Information ownership is the assignment of roles and responsibilities for the protection of information to individuals or groups within the enterprise.”
• ISACA CGEIT Review Questions, Answers & Explanations Manual 2021, page 11, question 14: “The correct answer is A. Information ownership is the assignment of roles and responsibilities for the protection of information to individuals or groups within the enterprise. Information owners are accountable for ensuring that information is properly classified, secured, and used in accordance with the enterprise’s policies and standards. Information ownership facilitates governance oversight of data protection measures by providing clear lines of authority and accountability for information assets.”

According to the CGEIT exam guide, the risk appetite is the amount and type of risk that an enterprise is willing to accept in pursuit of its objectives. It is a key element of the IT governance framework and should be defined by senior management before developing and managing digital applications for a new enterprise. The risk appetite provides the basis for establishing the risk management strategy, policies and processes, as well as the risk culture and awareness of the enterprise. References: CGEIT Exam Candidate Guide, page 15. CGEIT Certification