New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca CCAK Exam - Topic 3 Question 61 Discussion

Actual exam question for Isaca's CCAK exam
Question #: 61
Topic #: 3
[All CCAK Questions]

A business unit introducing cloud technologies to the organization without the knowledge or approval of the appropriate governance function is an example of:

Show Suggested Answer Hide Answer
Suggested Answer: C

Shadow IT refers to the use of IT resources (hardware, software, or cloud services) within an organization without the explicit approval of the IT or governance team. This practice is often flagged in cloud audits due to potential risks of compliance violations and security threats. The CCAK documentation from ISACA highlights the need for visibility and governance over all IT assets, with specific controls listed in the CSA CCM for Cloud Governance (GOV-09). Shadow IT poses risks to data security, compliance, and can introduce vulnerabilities, as systems are not subject to organizational standards and oversight.


by Stevie at Nov 14, 2024, 03:07 AM

Limited Time Offer

25%

Off

Get Premium CCAK Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Tasia
3 months ago
I thought vulnerabilities were more about security flaws, not this!
upvoted 0 times
...
Ashley
3 months ago
This is a classic case of Shadow IT for sure.
upvoted 0 times
...
Colene
3 months ago
Wait, are we sure it's not just an IT exception?
upvoted 0 times
...
Bette
4 months ago
Totally agree, it's a big risk!
upvoted 0 times
...
Gwen
4 months ago
That's definitely Shadow IT.
upvoted 0 times
...
Sharee
4 months ago
I could see it being a threat too, but I feel like Shadow IT fits better based on what we practiced.
upvoted 0 times
...
Venita
4 months ago
This sounds like Shadow IT to me, especially since it involves cloud technologies being used without governance approval.
upvoted 0 times
...
Odelia
4 months ago
I'm not entirely sure, but I remember something about IT exceptions being about deviations from standard practices.
upvoted 0 times
...
Katheryn
5 months ago
I think this might be related to Shadow IT since it involves using technology without proper oversight.
upvoted 0 times
...
Lucina
5 months ago
Okay, let me re-read the question and options. I think I've got it - the business unit is bypassing the proper governance process, so the answer must be C, Shadow IT.
upvoted 0 times
...
Nell
5 months ago
Ah, I recognize this type of scenario from our class discussions. I believe the correct answer is C - Shadow IT, since the business unit is introducing cloud tech without approval.
upvoted 0 times
...
Margurite
5 months ago
Hmm, I'm not entirely sure about this one. I'll need to think through the differences between the options carefully before selecting an answer.
upvoted 0 times
...
Mozelle
5 months ago
This looks like a straightforward question about IT governance. I'll focus on the key terms like "cloud technologies" and "governance function" to determine the best answer.
upvoted 0 times
...
Maryann
1 year ago
Without a doubt, C) Shadow IT. This is the IT equivalent of a kid trying to sneak a cookie before dinner.
upvoted 0 times
...
Bernardine
1 year ago
I think it could also be considered a Threat, as it opens up the organization to potential security breaches.
upvoted 0 times
...
Lisbeth
1 year ago
I agree with Elbert. It's definitely Shadow IT because it's unauthorized and can pose risks to the organization.
upvoted 0 times
...
Vilma
1 year ago
C) Shadow IT, hands down. It's like they're playing IT hide and seek, but the IT team always loses.
upvoted 0 times
Dorcas
1 year ago
B) Threats from Shadow IT can undermine the organization's IT strategy.
upvoted 0 times
...
Stevie
1 year ago
C) Shadow IT can lead to data breaches and compliance issues.
upvoted 0 times
...
Darci
1 year ago
A) IT exception is important to prevent unauthorized technology implementations.
upvoted 0 times
...
Blair
1 year ago
C) Shadow IT is a big problem. It can create security risks for the organization.
upvoted 0 times
...
...
Elbert
1 year ago
C) Shadow IT
upvoted 0 times
...
Mona
1 year ago
Ah, good ol' Shadow IT. Gotta love how creative these employees can get when they want to bypass the system.
upvoted 0 times
...
Bok
1 year ago
Hmm, I was torn between C and D, but I think C is the better option. Shadow IT is the perfect term for this scenario.
upvoted 0 times
Herminia
1 year ago
User 3: It's important for businesses to have proper governance in place to avoid these situations.
upvoted 0 times
...
Allene
1 year ago
User 2: Yeah, introducing cloud technologies without approval is a classic example of Shadow IT.
upvoted 0 times
...
Hayley
1 year ago
User 1: I agree, Shadow IT is definitely the right choice.
upvoted 0 times
...
...
Jamal
1 year ago
C) Shadow IT - that's definitely the correct answer here. Sneaking in cloud tech without approval? That's a classic case of Shadow IT.
upvoted 0 times
Fallon
1 year ago
Organizations need to have clear policies in place to prevent unauthorized technology use.
upvoted 0 times
...
Jeff
1 year ago
Shadow IT can also lead to compliance issues if not properly managed.
upvoted 0 times
...
Sheridan
1 year ago
The IT department needs to be aware of all technology being used in the organization.
upvoted 0 times
...
In
1 year ago
It's important for all technology implementations to go through the proper channels for approval.
upvoted 0 times
...
Stephanie
1 year ago
Shadow IT can lead to security breaches and compliance issues.
upvoted 0 times
...
Dannie
1 year ago
It's important for all technology implementations to go through the proper channels.
upvoted 0 times
...
Levi
1 year ago
Yes, you're right. Shadow IT can create security risks for the organization.
upvoted 0 times
...
Lilli
1 year ago
Yes, you're right. Shadow IT can pose a lot of risks to the organization.
upvoted 0 times
...
...

Save Cancel