Pearson CGEIT New Attempt

 A quantitative risk assessment method uses numerical values and mathematical models to estimate the likelihood and consequences of risks. This reduces the subjectivity and bias that may arise from qualitative methods that rely on personal judgment and experience. A quantitative method also allows for more objective comparison and prioritization of risks based on their impact and probability. References :=

• Quantitative Risk Analysis (Definition, Benefits and Steps) - Indeed
• Risk Assessment and Analysis Methods: Qualitative and Quantitative - ISACA

IT governance is the process of ensuring that IT supports the business objectives and strategies of the enterprise, and that IT investments and resources are aligned with the enterprise’s needs and priorities. When individual business units design their own IT solutions without consulting the IT department, they may create solutions that are not compatible with the existing enterprise goals, such as customer satisfaction, operational efficiency, regulatory compliance, or innovation. This can result in duplication of efforts, waste of resources, increased complexity, security risks, or missed opportunities. Therefore, it is important for IT governance to establish a clear vision, strategy, and framework for IT that guides the business units in developing and implementing IT solutions that support the enterprise goals. Some examples of IT governance frameworks are COBIT1, ITIL2, and ISO/IEC 385003. References :=

• COBIT | ISACA
• ITIL | AXELOS
• ISO/IEC 38500:2015(en), Information technology — Governance of IT for the organization

 Change control procedures are a set of steps that ensure that any changes to a system, product, project, or document are authorized, documented, and tracked. Change control procedures help to maintain the quality, integrity, and security of the system or product, as well as to comply with relevant standards and regulations. By enforcing change control procedures, the enterprise can prevent unauthorized or undocumented updates that could compromise the functionality, performance, or reliability of the applications. References :=

• What is a change control procedure? With benefits and steps
• What is a change control process? Steps and template
• Change Control | Risk Management & Audit Services - Harvard University

Key performance indicators (KPIs) are metrics that help measure the performance of IT service delivery and align it with the business goals and stakeholder expectations. KPIs can help the IT governance committee to monitor, evaluate and improve the availability, quality and efficiency of the web-facing infrastructure. KPIs can also help identify and address any issues or risks that may affect the service level agreements (SLAs) or customer satisfaction. KPIs should be established before implementing other measures such as web operations procedures, business continuity plans (BCPs) or customer survey processes, as they provide the basis for setting objectives, targets and benchmarks for these measures. References: ISACA, Performance Measurement Metrics for IT Governance, page 11. datapine, Top 20 IT KPIs - Explore The Best IT KPI Examples & IT Metrics