New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca CGEIT Exam - Topic 8 Question 4 Discussion

Actual exam question for Isaca's CGEIT exam
Question #: 4
Topic #: 8
[All CGEIT Questions]

A regulatory audit assessed an enterprise's main transactional application as noncompliant. In addition to fines and required corrections, an agreement was reached to implement a set of governance controls over IT. Accountability for these controls is BEST assigned to which of the following?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Paris at May 03, 2022, 07:55 PM

Limited Time Offer

25%

Off

Get Premium CGEIT Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Donte
4 months ago
Internal audit director could also play a key role in this situation.
upvoted 0 times
...
Nelida
4 months ago
Wait, why would application users be accountable? That seems off.
upvoted 0 times
...
Vincent
4 months ago
Not so sure, the board of directors might be better suited for accountability.
upvoted 0 times
...
Ashley
4 months ago
Definitely agree, the CIO has the oversight needed!
upvoted 0 times
...
Jame
5 months ago
I think the CIO should be responsible for governance controls.
upvoted 0 times
...
Estrella
5 months ago
I think application users should have some responsibility, but I doubt they would be the best choice for overall accountability in this scenario.
upvoted 0 times
...
Yaeko
5 months ago
This question feels similar to one we practiced about accountability in IT governance. I think the board of directors might have the final say, but I’m not entirely confident.
upvoted 0 times
...
Carma
5 months ago
I remember we discussed the role of the CIO in governance controls, but I'm not sure if they should be solely accountable.
upvoted 0 times
...
Leslie
5 months ago
I feel like the internal audit director would be a good choice since they oversee compliance, but I wonder if the CIO has more direct control over IT governance.
upvoted 0 times
...
Nikita
5 months ago
Hmm, I'm a bit unsure about this one. The question is asking about item types that can be inserted by authors, but they have to be defined by developers first. I'm not entirely sure which of these options fits that description best. I'll have to think it through carefully.
upvoted 0 times
...
King
5 months ago
Okay, I think I've got this. Sharing rules and permission set groups are the two features that would allow extending record access beyond the organization-wide defaults. I'll select those.
upvoted 0 times
...

Save Cancel