CGEIT IT Compliance and Assurance

Question 1

In IT governance, 'compliance' PRIMARILY refers to:

Accepted Answer

Adherence to laws, regulations, standards, and internal policies applicable to IT

Answer

IT compliance means conforming to the external regulatory requirements and internal policies that govern how IT systems and data must be managed.

Question 2

Which US regulation MOST directly requires IT governance controls over financial reporting systems?

Accepted Answer

Sarbanes-Oxley Act (SOX)

Answer

SOX Section 404 requires organizations to establish and certify internal controls over financial reporting, including IT systems that support those reports.

Question 3

An IT compliance audit PRIMARILY evaluates whether:

Accepted Answer

IT controls and practices conform to required standards, regulations, or policies

Answer

An IT compliance audit assesses whether the organization's IT controls and practices conform to the applicable legal, regulatory, and policy requirements.

Question 4

The concept of 'IT assurance' BEST refers to:

Accepted Answer

Independent validation that IT controls are operating effectively and reliably

Answer

IT assurance is an independent evaluation that gives stakeholders confidence that IT controls are operating as intended and are reliable.

Question 5

Which standard is MOST commonly used as a framework for IT controls assurance in US organizations?

Accepted Answer

COBIT (Control Objectives for Information and Related Technologies)

Answer

COBIT is the primary globally recognized framework for IT governance and control objectives, widely used for assurance and compliance assessments in US organizations.

CGEIT - Certified in the Governance of Enterprise IT Practice Test

CGEIT - Certified in the Governance of Enterprise IT Practice Test

CGEIT IT Compliance and Assurance