COBIT 2019 FOUNDATION
EXAM PRACTICE SET 1 (80 QUESTIONS)
Trainer : Hery Purnama
Question 1 ( Single Topic)
Who is responsible for the oversight
of structures and mechanisms that drive enterprise governance of information
and technology (EGIT)?
- A. Individual business units
- B. External regulators
- C. The board
CORRECT ANSWER
Answer : C
Reference:
https://www.isaca.org/resources/isaca-journal/issues/2017/volume-4/exploring-how-corporate-governance-codes-address-it-governance
Question 2 ( Single Topic)
COBIT defines stakeholder value
creation as which of the following?
- A. Realization of benefits at a controlled resource
cost while controlling risk
- B. Realization of benefits at an optimal resource
cost while optimizing risk
- C. Realization of benefits at a reduced resource cost
while mitigating risk
CORRECT ANSWER
Answer : C
Question 3 ( Single Topic)
The value that I&T delivers should
be:
- A. aligned directly with the values on which the
business is focused.
- B. focused exclusively on I&T investments that
generate financial benefits.
- C. restricted to maintaining and increasing value
derived from existing I&T investments.
CORRECT ANSWER
Answer : C
Reference:
https://community.mis.temple.edu/mis5203sec001sp2019/files/2019/01/COBIT-2019-Framework-Introduction-and-Methodology_res_eng_1118.pdf
(12)
Question 4 ( Single Topic)
COBIT addresses governance issues by
doing which of the following?
- A. Grouping relevant governance components into
objectives that can be managed to a required capability level
- B. Providing a full description of the entire IT
environment within an enterprise
- C. Defining specific governance strategies and
processes to implement in specific situations
CORRECT ANSWER
Answer : A
Question 5 ( Single Topic)
Which of the following is a guiding
principle in the development of COBIT?
- A. COBIT aligns with other related and relevant
I&T standards, frameworks and regulations
- B. COBIT includes relevant content from other related
I&T standards, frameworks and regulations.
- C. COBIT serves as a comprehensive standalone
framework that covers all relevant I&T-related activities.
CORRECT ANSWER
Answer : A
Question 6 ( Single Topic)
Which of the following is an element
of governance?
- A. Building plans to align with the direction set by
the governance body
- B. Monitoring activities designed to achieve
enterprise objectives
- C. Evaluating stakeholder needs to determine
enterprise objectives
CORRECT ANSWER
Answer : A
Element 1: Set a clear purpose and
stay focused on it.
Reference:
https://oag.parliament.nz/good-practice/governance/organisation
Question 7 ( Single Topic)
In most cases, management of the
enterprise is the responsibility of:
- A. the project management office.
- B. the executive management team.
- C. the board of directors.
CORRECT ANSWER
Answer : A
A strategic (enterprise) PMO
(sometimes called the office of strategy management) plays a role in linking
the organization's projects to its strategic plans.
Reference:
https://www.pmi.org/learning/library/strategic-project-management-office-execution-6737
Question 8 ( Single Topic)
Which of the following benefits
derived from the use of COBIT is PRIMARILY associated with an external
stakeholder?
- A. COBIT provides guidance on how to organize and
monitor the performance of I&T across the enterprise.
- B. COBIT helps to manage the dependency on the use of
external service providers.
- C. COBIT helps to ensure compliance with applicable
rules and regulations.
CORRECT ANSWER
Answer : A
Reference:
https://www.cio.com/article/3243684/what-is-cobit-a-framework-for-alignment-and-governance.html
Question 9 ( Single Topic)
The primary target audience for COBIT
is:
- A. anyone responsible for the governance solution.
- B. assurance professionals responsible for evaluating
and reporting on the existence of internal controls.
- C. business and IT management responsible for
building and deploying I&T solutions.
CORRECT ANSWER
Answer : C
The course is suitable for business
managers, chief executives, IT/IS auditors, internal auditors, information
security and IT practitioners, consultants and IT/IS managers requiring an
insight into the enterprise governance of IT and who may also be requiring
certification as a COBIT 5.
Reference:
https://s3-eu-west-1.amazonaws.com/cdn.webfactore.co.uk/6176_2_cobit%C2%AE+5+foundation.pdf
Question 10 ( Single Topic)
Within the principles for a governance
system, the value generated from the use of I&T reflects:
- A. the ratio of costs versus achieved service levels.
- B. a balance among benefits, risk and resources.
- C. maximized financial benefits to the investment
portfolio.
CORRECT ANSWER
Answer : B
The governance system should also to
generate value from the use of I&T. To create value, the enterprise must
balance benefits, risk, and resources.
Reference:
https://www.testpreptraining.com/tutorial/governance-system-principles/
Question 11 ( Single Topic)
Which of the following should a
stakeholder do to optimize the use of COBIT?
- A. Customize COBIT guidance to meet industry best
practices.
- B. Customize COBIT guidance to meet specific
enterprise needs.
- C. Ensure COBIT guidance is strictly followed without
alterations.
CORRECT ANSWER
Answer : B
Customizable solution that can address
the unique needs of any enterprise.
Reference:
https://www.escoute.com/finally-a-guide-for-tailoring-a-governance-system-for-information-and-technology/
Question 12 ( Single Topic)
Which COBIT principle addresses the
need to consider how many changes in technology or strategy impact the
enterprise governance system as a whole?
- A. A governance system should be tailored to the
enterprise×’€™s needs.
- B. A governance system should cover the enterprise
end to end.
- C. A governance system should be dynamic.
CORRECT ANSWER
Answer : A
Reference:
https://www.escoute.com/finally-a-guide-for-tailoring-a-governance-system-for-information-and-technology/
Question 13 ( Single Topic)
Which of the following BEST enables an
enterprise to maximize value from the use of I&T?
- A. A clearly defined I&T management structure
- B. An actionable strategy and governance system
- C. Well-documented and monitored business processes
CORRECT ANSWER
Answer : B
To create value, the enterprise must
balance benefits, risk, and resources, and develop an actionable strategy and
governance system.
Reference:
https://www.testpreptraining.com/tutorial/governance-system-principles/
Question 14 ( Single Topic)
Which of the following is a KEY
principle of an enterprise governance system?
- A. It should focus on all technology and information
processing, regardless of where processing takes place.
- B. It should focus only on technology and information
processing that takes place within the IT function.
- C. It should focus only on technology and information
processing that takes place in cost centers
CORRECT ANSWER
Answer : A
A governance system should cover the
enterprise end to end, focusing not only on the IT function but on all technology
and information processing the enterprise puts in place to achieve its goals,
regardless where the processing is located in the enterprise.
Reference:
https://www.futurelearn.com/info/courses/security-operations/0/steps/89307
Question 15 ( Single Topic)
According to the principles for a governance framework, which of the following
is a PRIMARY consideration when addressing new issues within a flexible and
open framework?
- A. Maintaining integrity and consistency
- B. Aligning with internal IT policies and procedures
- C. Identifying related industry standards
CORRECT ANSWER
Answer : A
Question 16 ( Single Topic)
Which of the following is a principle
of a proper governance framework?
- A. It should be based on a conceptual model.
- B. It should be independent of other standards,
frameworks and regulations.
- C. It should be self-contained and not allow for the
addition of new content.
CORRECT ANSWER
Answer : A
Reference:
https://oltconsulting.net/wp-content/uploads/2018/06/Gobierno-IT.pdf
Question 17 ( Single Topic)
Which of the following is a principle
associated with the key components of a governance framework?
- A. The interaction among key components will impede
automation and should therefore be limited.
- B. The relationships among key components should be
identified to maximize consistency.
- C. Key components should function independently to
maintain integrity.
CORRECT ANSWER
Answer : C
Question 18 ( Single Topic)
Which of the following describes the COBIT
performance model?
- A. The COBIT performance model is a stand-alone model
that can be used in conjunction with the COBIT core model.
- B. The COBIT performance model is integrated into the
COBIT core model.
- C. The COBIT performance model is unique and not
aligned with existing maturity and capability models.
CORRECT ANSWER
Answer : B
Reference:
https://community.mis.temple.edu/mis5203sec001sp2019/files/2019/01/COBIT-2019-Framework-Introduction-and-Methodology_res_eng_1118.pdf
Question 19 ( Single Topic)
Within a tailored enterprise
governance system, a sourcing model for information and technology is
associated with:
- A. design factors.
- B. relevant industry frameworks.
- C. focus areas.
CORRECT ANSWER
Answer : A
Design factors can influence the blueprint
of your enterprise×’€™s governance system and position it for the successful use
of I&T.
Reference:
https://www.escoute.com/finally-a-guide-for-tailoring-a-governance-system-for-information-and-technology/
Question 20 ( Single Topic)
Which of the following governance
components is ESSENTIAL for effective decision making?
- A. People, skills and competencies
- B. Processes
- C. Organizational structures
CORRECT ANSWER
Answer : A
Decision-making relies on logic and
communicative rationality, aligning people based upon a logical progression
from premises to conclusion.
Reference:
https://courses.lumenlearning.com/boundless-management/chapter/decision-making-in-management/
Question 21 ( Single Topic)
Which of the following domains deals
with the definition of IT solutions and their integration in business
processes?
- A. Align, Plan and Organize (APO)
- B. Deliver, Service and Support (DSS)
- C. Build, Acquire and Implement (BAI)
CORRECT ANSWER
Answer : C
Reference:
https://graser.co.at/en/cobit-5-understand-the-framework/
Question 22 ( Single Topic)
Which COBIT domain of management
objectives incorporates managed risk?
- A. Build, acquire and implement (BAI)
- B. Align, plan and organize (APO)
- C. Deliver, service and support (DSS)
CORRECT ANSWER
Answer : B
Reference:
https://graser.co.at/en/cobit-5-understand-the-framework/
Question 23 ( Single Topic)
Which COBIT domain of management
objectives incorporates managed business process controls?
- A. Build, Acquire and Implement (BAI)
- B. Align, Plan and Organize (APO)
- C. Deliver, Service and Support (DSS)
CORRECT ANSWER
Answer : C
Reference:
https://graser.co.at/en/cobit-5-understand-the-framework/
Question 24 ( Single Topic)
Which of the following components of a
governance system are MOST likely to be underestimated as factors in the
success of governance and management activities?
- A. Culture, ethics and behavior
- B. People, skills and competencies
- C. Principles, policies and frameworks
CORRECT ANSWER
Answer : A
Reference:
https://graser.co.at/cobit-5-understand-the-framework-2/
Question 25 ( Single Topic)
Which of the following is based on
generic components of a governance system but are tailored for a specific
purpose or context within a focus area?
- A. Guiding principles
- B. Variant components
- C. Design factors
CORRECT ANSWER
Answer : B
These components (of a governance
system) can be either generic or ×’€variants of generic.×’€ Generic components
are described in the COBIT Core Model and apply in principle to any situation
(although they ×’€generally need customization before being practically
implemented.×’€) Whereas variants are based on the generic components but
tailored for a specific purpose or context within a focus area.
Reference:
https://www.joetheitguy.com/cobit-2019-key-changes-cobit-5/
Question 26 ( Single Topic)
Which of the following is a key
component of a governance system?
- A. Performance metrics
- B. Processes
- C. Legal and regulatory requirements
CORRECT ANSWER
Answer : B
Question 27 ( Single Topic)
Which of the following components of
the governance system are required for successful completion of all activities?
- A. People, skills and competencies
- B. Processes
- C. Principles, policies and frameworks
CORRECT ANSWER
Answer : A
Question 28 ( Single Topic)
The number of focus areas describing a
certain governance topic or issue that can be addressed by governance
objectives is:
- A. dependent on process maturity
- B. determined by the size of the enterprise
- C. virtually unlimited
CORRECT ANSWER
Answer : C
Question 29 ( Single Topic)
The enterprise goal of compliance with
external laws and regulations is aligned to which balanced scorecard (BSC)
dimension?
- A. Financial
- B. Growth
- C. Internal
CORRECT ANSWER
Answer : A
Balanced Scorecard or BSC (read as
B-S-C) dimensions. The BSC dimensions are:
Financial
Question 30 ( Single Topic)
Innovation and differentiation are
examples of:
- A. enterprise goal risk factors.
- B. enterprise objectives design factors.
- C. enterprise strategy design factors.
CORRECT ANSWER
Answer : B
Question 31 ( Single Topic)
The enterprise goal titled
`Optimization of Business Process Costs` is aligned to which balanced scorecard
(BSC) dimension?
- A. Growth
- B. Customer
- C. Internal
CORRECT ANSWER
Answer : C
Reference:
https://community.mis.temple.edu/mis5203sec001sp2019/files/2019/01/COBIT-2019-Framework-Introduction-and-Methodology_res_eng_1118.pdf
(24)
Question 32 ( Single Topic)
What is the focus of an enterprise
that has a cost leadership strategy design factor?
- A. Long-term cost optimization
- B. Medium-term cost equalization
- C. Short-term cost minimization
CORRECT ANSWER
Answer : A
Question 33 ( Single Topic)
Within the COBIT goals cascade,
stakeholder drivers are transformed into:
- A. the enterprise×’€™s actionable strategy.
- B. business unit performance metrics.
- C. the enterprise×’€™s governance framework.
CORRECT ANSWER
Answer : A
Reference:
https://blog.firstreference.com/the-isaca-has-traded-in-cobit-5-for-cobit-2019-part-3-of-3/#.YGXbnh1RWQ4
Question 34 ( Single Topic)
Which of the following MUST be defined
before determining alignment goals?
- A. External laws and regulations
- B. Stakeholder drivers and needs
- C. Governance and management objectives
CORRECT ANSWER
Answer : B
Reference:
https://www.joetheitguy.com/cobit-a-z/
Question 35 ( Single Topic)
Time-to-market is a market that is
directly related to which of the following enterprise goals?
- A. Optimization of internal business process
functionality
- B. Portfolio of competitive products and services
- C. Managed digital transformation programs
CORRECT ANSWER
Answer : B
Question 36 ( Single Topic)
Which of the following would be an
appropriate metric associated with an enterprise goal of `Business service
continuity and availability`?
- A. Satisfaction levels of board and executive
management with business process capabilities
- B. Ratio of significant incidents that were not
identified in risk assessments vs. total incidents
- C. Number of business processing hours lost due to
unplanned service interruptions
CORRECT ANSWER
Answer : C
Reference:
https://www.oo2.fr/sites/default/files/document/pdf/cobit-5_res_eng_1012.pdf
(58)
Question 37 ( Single Topic)
Which of the following enterprise
goals is within the Customer dimension of the IT balanced scorecard?
- A. Delivery of programs on time and on budget
- B. Product and business innovation
- C. Quality of management information
CORRECT ANSWER
Answer : C
Reference:
https://blog.firstreference.com/the-isaca-has-traded-in-cobit-5-for-cobit-2019-part-3-of-3/#.YGYd8h1RWQ4
Question 38 ( Single Topic)
Which of the following cascades to
enterprise goals?
- A. Stakeholder needs
- B. Organizational objectives
- C. Enterprise strategy
CORRECT ANSWER
Answer : C
Reference:
https://www.oreilly.com/library/view/governance-of-enterprise/9781849285193/xhtml/appendix03.html
Question 39 ( Single Topic)
Which of the following metrics would
BEST enable an enterprise to evaluate an alignment goal specifically related to
security of information and privacy?
- A. Ratio and extent of erroneous business decisions
in which erroneous I&T-related information was a key factor
- B. Number of critical business processes supported by
up-to-date infrastructure and applications
- C. Number of confidentiality incidents causing
financial loss, business disruption or public embarrassment.
CORRECT ANSWER
Answer : C
Reference:
https://community.mis.temple.edu/mis5203sec001sp2019/files/2019/01/COBIT-2019-Framework-Introduction-and-Methodology_res_eng_1118.pdf
(31)
Question 40 ( Single Topic)
Which of the following would be an
appropriate metric to align with a goal of `Delivery of programs on time, on
budget, and meeting requirements and quality standards`?
- A. Percent of stakeholders satisfied with
program/project quality
- B. Percent of business staff satisfied that IT
service delivery meets agreed service levels
- C. Level of user satisfaction with the quality and
availability of I&T-related management information
CORRECT ANSWER
Answer : A
Reference:
https://community.mis.temple.edu/mis5203sec001sp2019/files/2019/01/COBIT-2019-Framework-Introduction-and-Methodology_res_eng_1118.pdf
(32)
Question 41 ( Single Topic)
The alignment goal `Delivery of
I&T services in line with business requirements` is organized into which IT
balanced scorecard (BSC) dimension?
- A. Customer
- B. Financial
- C. Internal
CORRECT ANSWER
Answer : A
Reference:
https://community.mis.temple.edu/mis5203sec001sp2019/files/2019/01/COBIT-2019-Framework-Introduction-and-Methodology_res_eng_1118.pdf
(31)
Question 42 ( Single Topic)
Which of the following management
objectives is related to optimization of system performance?
- A. Managed I&T management framework
- B. Managed availability and capacity
- C. Managed service agreements
CORRECT ANSWER
Answer : B
Reference:
https://wiki.process-symphony.com.au/tag/cobit2019/page/4/
Question 43 ( Single Topic)
Which of the following is MOST
important to providing trust in operations, confidence in the achievement of
enterprise objectives, and an adequate understanding of residual risk?
- A. A continuity of operations response plan
- B. A risk management framework
- C. A managed system of internal controls
CORRECT ANSWER
Answer : C
Reference:
https://wiki.process-symphony.com.au/tag/cobit2019/page/4/
Question 44 ( Single Topic)
Which of the following BEST describes
the `managed innovation` management objective of the COBIT core model?
- A. Optimize available IT capabilities to support the
IT strategy and roadmap.
- B. Achieve competitive advantage, improve customer
experience and improve operational effectiveness.
- C. Support the digital transformation strategy of the
organization and deliver the desired value.
CORRECT ANSWER
Answer : B
Reference:
https://netmarket.oss.aliyuncs.com/df5c71cb-f91a-4bf8-85a6-991e1c2c0a3e.pdf
(81)
Question 45 ( Single Topic)
Which of the following is CRITICAL to
ensuring I&T-related decisions are aligned with the enterprise's strategies
and objectives?
- A. Compliance with legal, contractual and regulatory requirements
is confirmed.
- B. Technology and innovation processes are overseen
by the board.
- C. Assurance on controls is obtained from independent
IT auditors.
CORRECT ANSWER
Answer : A
Question 46 ( Single Topic)
After IT department goals have been
aligned with enterprise goals, the NEXT step is to link the alignment goals
with:
- A. governance and management objectives.
- B. governance and management practices.
- C. governance and management performance metrics.
CORRECT ANSWER
Answer : A
Reference:
https://wiki.process-symphony.com.au/tag/cobit2019/page/4/
Question 47 ( Single Topic)
A consultant tasked with facilitating
an enterprise's COBIT implementation has met with the CEO and identified
enterprise goals based on mission and vision.
Which of the following roles is BEST suited to meet with the consultant to
identify alignment goals?
- A. Chief risk officer
- B. Chief information officer
- C. Chief financial officer
CORRECT ANSWER
Answer : B
Reference:
https://netmarket.oss.aliyuncs.com/df5c71cb-f91a-4bf8-85a6-991e1c2c0a3e.pdf
Question 48 ( Single Topic)
Which of the following components of
governance and management objectives includes the expected capability level?
- A. Process activities
- B. Alignment goals
- C. Organization structure
CORRECT ANSWER
Answer : A
Capability and maturity levels are
assigned to all process activities, enabling clear definition of processes at
different levels. This can be effective through a thorough assessment of the
enterprise program and capabilities using performance management.
Reference:
https://www.isaca.org/resources/news-and-trends/industry-news/2020/effective-capability-and-maturity-assessment-using-cobit-2019
Question 49 ( Single Topic)
How do the assigned capability levels
in the COBIT core model facilitate the achievement of the different capability
levels?
- A. By defining organizational structure with specific
roles and responsibilities
- B. By setting performance metrics for enabler goals
- C. By providing clear definition of the processes and
required activities
CORRECT ANSWER
Answer : C
Reference:
https://www.isaca.org/resources/news-and-trends/industry-news/2020/effective-capability-and-maturity-assessment-using-cobit-2019
Question 50 ( Single Topic)
According to Capability Maturity Model
Integration (CMMI), which of the following BEST describes Level 2 within the
five maturity levels for processes?
- A. The process achieves its purpose through the
application of a basic, yet complete, set of activities that can be
characterized as performed.
- B. The process achieves its purpose in a much more
organized way using organizational assets, and processes are typically
well defined.
- C. The process more or less achieves its purpose
through the application of an incomplete set of activities that can be
characterized as intuitive and not very organized.
CORRECT ANSWER
Answer : A
Reference:
https://www.tutorialspoint.com/cmmi/cmmi-maturity-levels.htm
Question 51 ( Single Topic)
The different levels of involvement
associated with roles and organizational structure are PRIMARILY divided into:
- A. governance and management levels.
- B. responsibility and accountability levels.
- C. operational and practitioner levels.
CORRECT ANSWER
Answer : B
Reference:
https://netmarket.oss.aliyuncs.com/df5c71cb-f91a-4bf8-85a6-991e1c2c0a3e.pdf
(21)
Question 52 ( Single Topic)
Which of the following components is
important to update in a COBIT RACI chart to align with the enterprise's
context, priorities and preferred terminology?
- A. Enterprise process practices and activities
- B. Enterprise roles and organizational structures
- C. Enterprise procedures and job descriptions
CORRECT ANSWER
Answer : A
Question 53 ( Single Topic)
Within an organizational structure
chart (RACI chart), which role drives a given task or process?
- A. Responsible (R) role
- B. Accountable (A) role
- C. Informed (I) role
CORRECT ANSWER
Answer : B
Reference:
https://ptgmedia.pearsoncmg.com/images/9780134772806/samplepages/9780134772806_Sample.pdf
Question 54 ( Single Topic)
Which of the following comprises the
`information flow` component of a governance system?
- A. People, skills and competencies
- B. Assignment of responsibility and accountability
roles
- C. Process practices that include inputs and outputs
CORRECT ANSWER
Answer : C
Reference:
https://static1.squarespace.com/static/56b3cadb59827ecd82b02b43/t/56d8c0d84d088e673055c308/1457045725120/COBIT-5_res_eng_1012.pdf
(32)
Question 55 ( Single Topic)
Which of the following COBIT
components includes a list of artifacts with links to relevant governance and
management practices?
- A. Information flow and items
- B. Organizational structures
- C. Policies and procedures
CORRECT ANSWER
Answer : B
Reference:
https://www.businessbeam.com/blog/cobit-2019/
Question 56 ( Single Topic)
Which governance component identifies
the human resource needs that must be met to achieve governance and management
objectives?
- A. Culture, ethics and behavior
- B. People, skills and competencies
- C. Information flow and items
CORRECT ANSWER
Answer : B
Question 57 ( Single Topic)
Which of the following COBIT
organizational structure roles fulfills the practice and creates the intended
outcome?
- A. Accountable (A)
- B. Responsible (R)
- C. Consulted (C)
CORRECT ANSWER
Answer : B
Question 58 ( Single Topic)
Which enterprise role ensures the
board is kept informed of major decisions related to value delivery of I&T
deployment in accordance with the enterprise strategy?
- A. Chief information officer
- B. Executive committee
- C. Chief executive officer
CORRECT ANSWER
Answer : A
Question 59 ( Single Topic)
Which of the following is the MOST essential
attribute of the highest process capability level (Level 5)?
- A. Pursuit of continuous improvement
- B. Full achievement of the process×’€™s purpose
- C. Quantitative performance measures
CORRECT ANSWER
Answer : A
Reference:
https://www.simplilearn.com/process-attributes-and-process-capability-levels-cobit5-tutorial-video
Question 60 ( Single Topic)
The level achieved when all processes
of a focus area achieve a particular capability level is referred to as:
- A. the rating level.
- B. the maturity level.
- C. the performance level.
CORRECT ANSWER
Answer : B
Reference:
https://www.isaca.org/resources/news-and-trends/industry-news/2020/effective-capability-and-maturity-assessment-using-cobit-2019
Question 61 ( Single Topic)
When assessing organizational
structures, it is MOST helpful when subcriteria for each criterion are defined
and linked to:
- A. job descriptions.
- B. capability levels.
- C. performance metrics.
CORRECT ANSWER
Answer : B
Reference:
https://community.mis.temple.edu/mis5203sec001sp2019/files/2019/01/COBIT-2019-Framework-Introduction-and-Methodology_res_eng_1118.pdf
(41)
Question 62 ( Single Topic)
The design factor associated with a
highly regulated enterprise is likely to attribute MORE importance to which of
the following?
- A. Managed strategy and operations
- B. Documented work products and policies
- C. Understanding of the business by IT professionals
CORRECT ANSWER
Answer : B
Reference:
https://community.mis.temple.edu/mis5203sec001sp2019/files/2019/01/COBIT-2019-Framework-Introduction-and-Methodology_res_eng_1118.pdf
(46)
Question 63 ( Single Topic)
Which of the following is a CRITICAL
requirement when the IT function is strategic and crucial to the success of the
business?
- A. Documented IT policies and procedures
- B. High involvement of IT-related roles in
organizational structures
- C. Highly capable security-related processes and
ensured risk optimization
CORRECT ANSWER
Answer : A
Question 64 ( Single Topic)
Which of the following enterprise risk
management concepts is MOST important to fully understand prior to finalizing
the design of an IT governance system?
- A. The enterprise×’€™s risk tolerance
- B. The enterprise×’€™s risk profile
- C. The enterprise×’€™s risk appetite
CORRECT ANSWER
Answer : B
Question 65 ( Single Topic)
Which of the following is the FINAL
action before completing the design of an IT governance system?
- A. Resolving inherent priority conflicts
- B. Determining a sourcing model
- C. Selecting an implementation method
CORRECT ANSWER
Answer : C
Question 66 ( Single Topic)
An enterprise that specializes in
software development is designing a new IT governance system as part of a
transition from traditional waterfall to a more agile approach. Which step in
the design phase would this transition impact the MOST?
- A. Compliance requirements
- B. Implementation method
- C. Sourcing model
CORRECT ANSWER
Answer : B
Question 67 ( Single Topic)
Which element of a business case BEST
enables senior leadership to assess the future success of the IT governance
program?
- A. Quantified benefits
- B. Qualitative perspective
- C. Investment justification
CORRECT ANSWER
Answer : C
Question 68 ( Single Topic)
An enterprise's business line managers
have voiced concerns because the cost of governance-required improvements is
perceived as too expensive. How can the IT governance team BEST address this
concern?
- A. Improve the communication of business benefits.
- B. Involve business line managers in the improvement
planning process.
- C. Share the return on investment (ROI) analysis.
CORRECT ANSWER
Answer : C
Reference:
https://core.ac.uk/download/pdf/78102451.pdf
(214)
Question 69 ( Single Topic)
Once IT governance is implemented,
what is the NEXT phase in the life cycle of governance?
- A. Measuring objectives
- B. Initiating improvements
- C. Updating the program
CORRECT ANSWER
Answer : A
Reference:
https://cio-wiki.org/wiki/IT_Governance
Question 70 ( Single Topic)
One year after IT governance is
implemented, what KEY question should be asked and evaluated?
- A. Has the enterprise leveraged lessons learned?
- B. Has the enterprise reduced its risk exposure?
- C. Has the enterprise achieved expected benefits?
CORRECT ANSWER
Answer : C
Reference:
https://www.bauer.uh.edu/parks/cobit_4.1.pdf
(98)
Question 71 ( Single Topic)
In the implementation model, when is IT governance implementation risk BEST
managed?
- A. Throughout the life cycle
- B. During the planning phase
- C. Just prior to operationalization
CORRECT ANSWER
Answer : A
Question 72 ( Single Topic)
What would be the PRIMARY -
reason for management to conduct a process capability assessment?
- A. To better understand the current state as compared
to the target
- B. To better understand the cost of implementing the
improved process
- C. To better understand the current level of risk
versus future risk
CORRECT ANSWER
Answer : B
Question 73 ( Single Topic)
Which of the following is ESSENTIAL to
help ensure that a project's benefits are identified and continually monitored?
- A. A well-developed business case
- B. Earned value management reporting
- C. Stage gate reviews by a governance team
CORRECT ANSWER
Answer : A
Reference:
https://thesai.org/Downloads/Volume5No7/Paper_14-A_Tool_Design_of_Cobit_Roadmap_Implementation.pdf
Question 74 ( Single Topic)
Which of the following is a PRIMARY
objective of reviewing the effectiveness of a new IT governance system that has
been operational for 6 months?
- A. Obtaining executive management support for IT
governance
- B. Identifying further governance requirements
- C. Evaluating business performance reports
CORRECT ANSWER
Answer : A
Question 75 ( Single Topic)
While value delivery focuses on the
creation of value, risk management focuses on which of the following?
- A. Achievement of value
- B. Preservation of value
- C. Optimization of value
CORRECT ANSWER
Answer : A
Reference:
https://books.google.com/books?id=2gwDIwXoVNoC&pg=PA11&lpg=PA11&dq=cobit,+%22Achievement+of+value,+value+delivery+focuses+on+the
+creation+of+value,+risk+management+focuses+on+which+of+the+following&source=bl&ots=zE2aPNsSds&sig=ACfU3U1nyMl1Jq4O04-
T4d2h2hf_a0uvtA&hl=en&sa=X&ved=2ahUKEwiA4f30tKD0AhVDVc0KHTJXCf4Q6AF6BAgWEAM#v=onepage&q=cobit%2C%20%22Achievement%20of%
20value%2C%20value%20delivery%20focuses%20on%20the%20creation%20of%20value%2C%20risk%20management%20focuses%20on%20which%20of%
20the%20following&f=false
Question 76 ( Single Topic)
Enterprise governance of information
and technology (EGIT) is an integral part of:
- A. risk governance.
- B. financial governance.
- C. corporate governance.
CORRECT ANSWER
Answer : C
Reference:
https://dl.acm.org/doi/book/10.5555/2756805
Question 77 ( Single Topic)
The COBIT framework is designed to
meet the I&T goals for which of the following?
- A. Board and executive management only
- B. IT department only
- C. Entire enterprise
CORRECT ANSWER
Answer : C
Reference:
https://www.cio.com/article/3243684/what-is-cobit-a-framework-for-alignment-and-governance.html
Question 78 ( Single Topic)
Which of the following benefits
derived from the use of COBIT is PRIMARILY associated with an internal
stakeholder?
- A. COBIT provides insight on how to derive value from
the use of I&T.
- B. COBIT helps to ensure that a third-party vendor's
operations are secure.
- C. COBIT helps to ensure that a governance system is
in place to sustain regulatory compliance.
CORRECT ANSWER
Answer : A
Reference:
https://www.isaca.org/resources/news-and-trends/industry-news/2019/cobit-design-factors
Question 79 ( Single Topic)
To gain the GREATEST benefit from the
COBIT framework, a stakeholder should have a certain level of experience and a
thorough understanding of:
- A. the regulatory compliance function.
- B. the entire enterprise.
- C. the IT function.
CORRECT ANSWER
Answer : B
Reference:
https://community.mis.temple.edu/mis5203sec001sp2019/files/2019/01/COBIT-2019-Framework-Introduction-and-Methodology_res_eng_1118.pdf
page 15
Question 80 ( Single Topic)
Which of the following is the PRIMARY
purpose of implementing an enterprise governance of information and technology
(EGIT) system?
- A. To document I&T business objectives and
processes
- B. To deliver stakeholder value from I&T-enabled
investments
- C. To comply with I&T regulatory requirements
CORRECT ANSWER
Answer : B
0 Komentar