CGEIT · Question #50
CGEIT Question #50: Real Exam Question with Answer & Explanation
The correct answer is B: Educate the executive team about the risk associated with shadow IT applications.. To effectively govern shadow IT in a cloud environment, the CIO must first ensure executive leadership understands the associated risks, enabling top-down support for policies and controls.
Question
Which of the following is the MOST effective way for a CIO to govern business unit deployment of shadow IT applications in a cloud environment?
Options
- AImplement controls to block the installation of unapproved applications.
- BEducate the executive team about the risk associated with shadow IT applications.
- CProvide training to the help desk to identify shadow IT applications.
- DReview and update the application implementation process.
Explanation
To effectively govern shadow IT in a cloud environment, the CIO must first ensure executive leadership understands the associated risks, enabling top-down support for policies and controls.
Common mistakes.
- A. Implementing controls to block applications is a technical enforcement measure that is often reactive and can be circumvented if the underlying governance and executive support are not in place.
- C. Training the help desk to identify shadow IT is a detection and response mechanism, but it doesn't address the root cause of shadow IT or provide a comprehensive governance framework.
- D. Reviewing and updating the application implementation process is a procedural improvement, but without executive understanding and support regarding shadow IT risks, such updates may lack the necessary organizational mandate for effective enforcement.
Concept tested. Shadow IT governance and executive advocacy
Topics
Community Discussion
No community discussion yet for this question.