Certified in the Governance of Enterprise IT (CGEIT) — Question 189

The CIO of an enterprise learns the payroll server of a competitor has been the victim of ransomware. To help plan for the possibility of ransomed corporate data, what should be the CIO's FIRST course of action?

Answer options

• A. Back up corporate data to a secure location.
• B. Develop a policy to address ransomware.
• C. Require development of key risk indicators (KRIs).
• D. Request a targeted risk assessment.

Correct answer: D

Explanation

The correct answer is D because a targeted risk assessment will help identify vulnerabilities specific to the organization and evaluate the potential impact of ransomware. While backing up data and developing policies are important steps, they are not as immediate or comprehensive as understanding the specific risks faced by the enterprise.