2025/2026
in order for companies to incorporate technology into their business models, they must keep up
with? - ANSWERSdigital landscape that is ever-changing
2019 Ponemon (IBM) Cost of Data Breach study? - ANSWERS$3.92 million is average total cost
of data breach globally
US average cost of data breach (rose for 5th straight year) - ANSWERS- $8.19 million (3.5%
increased from 2018)
- $242 average cost per compromised (lost or stolen) record
Cost of Capital One Breach? - ANSWERS2019: $150 million
Total: $500 million
Addressing IT use issues fall under an umbrella called? - ANSWERSGRC - governance, risk, and
compliance
Strategy for managing an organization's overall governance, enterprise risk management and
compliance with regulations? - ANSWERSGRC
GRC _____ products are available from a number of vendors. - ANSWERSsoftware
benefits of well-planned GRC strategy? - ANSWERSimproved decision
more optimal IT investments
,elimination of silos
reduced fragmentation among divisions and dpt.
Governance - ANSWERSensuring that organizational activities, like managing IT operations, are
aligned in a way that supports the organization's business goals
Risk - ANSWERSMaking sure that any risk (opportunity) associated with organizational activities
is identified and addressed in a way that supports the organization's business goals:
*IT context: comprehensive IT risk management process that rolls into an organization's
enterprise risk management function
Compliance - ANSWERSMaking sure that organizational activities are operated in a way that
meets the laws and regulations impacting those systems:
*IT context: make sure that IT systems and the data contained in those systems reused and
secured properly
G (governance) - ANSWERSprocesses that ensure the effective and efficient use of IT in enabling
an organization to achieve its goals
What is the move that establishes formal IT governance structures that specify how IT decisions
are made, carried out, reinforced, and even challenged? - ANSWERSad hoc IT decision making
IT governance helps you assess whether your organization is? - ANSWERS-aligning IT with
enterprise and realizing promised benefits
-using IT to exploit opportunities and maximize benefits
-using IT resources responsibly
-managing IT risks
-recognizing opportunities and acting upon them
, IT Governance is responsibility of shareholders (represented by _____ ) and executive
management (_____, _____) - ANSWERS- BOD
-CEO
-CIO
How is effective IT governance implemented and accomplished? - ANSWERSthroughout the
organization
What describes the leadership, organizational structures, and processes that ensure IT sustains
and extends organizational strategies and objectives? - ANSWERSIT governance framework
What does the IT governance framework include - ANSWERSdefined roles
responsibilities
relationships; methods and processes
overarching philosophy
operating strategy to guide, direct, and manage IT resources
What are some frameworks or professional guidance that can help organizations learn to
implement IT Governance? - ANSWERS1) ITIL 4
2) ISO: IEC 38500:20015
3) COBIT 2019
ITIL (Information Technology Infrastructure Library) a framework of best practices for
__________? - ANSWERSdelivering IT services
(manage org. their IT services across their lifecycle)
Who owns the ITIL personnel certification? - ANSWERSAxelos