COBIT 2019 Foundation Exam question & answers
I&T related issues are ____________
risks that have materialized aka pain points
How many maturity levels are there?
6 (they are 0-5)
What are the COBIT business case components?
--Executive Summary --Background --Business Challenges • Gap analysis and goal --Alternatives considered --Proposed Solution • Phase 1. Pre-Planning • Phase 2. Program Implementation • Program Scope • Program Methodology and Alignment • Program Deliverables • Program Risk • Stakeholders • Cost-Benefit Analysis • Challenges and Success Factors
The governance and management objectives are grouped into ___ domains
5 EDM (Evaluate, direct and monitor) APO (Align, plan and organize) BAI (Build, acquire and implement) DSS (Deliver, service and support) MEA (Monitor, evaluate and assess)
How many capability levels are there?
6 (they are 0-5)
Which governance and management domain addresses the overall organization, strategy, and supporting activities for I&T?
APO Align, Plan, and Organize
Which Governance or Management Objective has the following purpose statement? "Implement a consistent management approach for enterprise governance requirements to be met, covering governance components such as management processes; organizational structures; roles and responsibilities; reliable and repeatable activities; information items; policies and procedures; skills and competencies; culture and behavior; and services, infrastructure and applications."
APO01 Managed I&T Management Framework
Which Governance or Management Objective has the following purpose statement? "Support the digital transformation strategy of the organization and deliver the desired value through a road map of incremental changes. Use a holistic I&T approach, ensuring that each initiative is clearly connected to an overarching strategy. Enable change in all different aspects of the organization, from channels and processes to data, culture, skills, operating model and incentives."
APO02 Managed Strategy
Which Governance or Management Objective has the following purpose statement? "Represent the different building blocks that make up the enterprise and its interrelationships as well as the principles guiding their design and evolution over time, to enable a standard, responsive and efficient delivery of operational and strategic objectives."
APO03 Managed Enterprise Architecture
Which Governance or Management Objective has the following purpose statement? ""Achieve competitive advantage, business innovation, improved customer experience, and improved operational effectiveness and efficiency by exploiting I&T developments and emerging technologies.
APO04 Managed Innovation
Which Governance or Management Objective has the following purpose statement? "Optimize the performance of the overall portfolio of programs in response to individual program, product and service performance and changing enterprise priorities and demand."
APO05 Managed Portfolio
Which Governance or Management Objective has the following purpose statement? "Foster a partnership between IT and enterprise stakeholders to enable the effective and efficient use of I&T-related resources and provide transparency and accountability of the cost and business value of solutions and services. Enable the enterprise to make informed decisions regarding the use of I&T solutions and services."
APO06 Managed Budget and Costs
Which Governance or Management Objective has the following purpose statement? "Optimize human resources capabilities to meet enterprise objectives"
APO07 Managed Human Resources
Which Governance or Management Objective has the following purpose statement? "Enable the right knowledge, skills and behaviors to create improved outcomes, increased confidence, mutual trust and effective use of resources that stimulate a productive relationship with business stakeholders"
APO08 Managed Relationships
Which Governance or Management Objective has the following purpose statement? "Ensure that I&T products, services and service levels meet current and future enterprise needs."
APO09 Managed Service Agreements
Which Governance or Management Objective has the following purpose statement? "Optimize available I&T capabilities to support the I&T strategy and road map, minimize the risk associated with nonperforming or noncompliant vendors, and ensure competitive pricing."
APO10 Managed Vendors
Which Governance or Management Objective has the following purpose statement? "Ensure consistent delivery of technology solutions and services to meet the quality requirements of the enterprise and satisfy stakeholder needs."
APO11 Managed Quality
Which Governance or Management Objective has the following purpose statement? "Integrate the management of I&T-related enterprise risk with overall enterprise risk management (ERM) and balance the costs and benefits of managing I&T-related enterprise risk."
APO12 Managed Risk
Which Governance or Management Objective has the following purpose statement? "Keep the impact and occurrence of information security incidents within the enterprise's risk appetite levels."
APO13 Managed Security
Which Governance or Management Objective has the following purpose statement? ""Ensure effective utilization of the critical data assets to achieve enterprise goals and objectives
APO14 Managed Data
"A governance framework should align to relevant major related standards, frameworks, and regulations" is an example of which Governance Framework Principle?
Align to major standards
In which phase of the implementation lifecycle would you initiate the program?
Phase 1 What are the drivers
Which governance and management domain treats the definition, acquisition, and implementation of I&T solutions and their integration in business processes?
BAI Build, Acquire, and Implement
Which Governance or Management Objective has the following purpose statement? "Realize desired business value and reduce the risk of unexpected delays, costs and value erosion. To do so, improve communications to and involvement of business and end users, ensure the value and quality of program deliverables and follow up of projects within the programs, and maximize program contribution to the investment portfolio."
BAI01 Managed Programs
Which Governance or Management Objective has the following purpose statement? "Create optimal solutions that meet enterprise needs while minimizing risk."
BAI02 Managed Requirements Definition
Which Governance or Management Objective has the following purpose statement? "Ensure that the resource needs of the enterprise are met in the optimal manner. I&T costs are optimized, and there is an increased likelihood of benefit realization and readiness for future change"
EDM04 Ensured Resource Optimization
Which Governance or Management Objective has the following purpose statement? "Ensure agile and scalable delivery of digital products and services. Establish timely and cost-effective solutions (technology, business processes and workflows) capable of supporting enterprise strategic and operational objectives."
BAI03 Managed Solutions Identification and Build
Which Governance or Management Objective has the following purpose statement? "Maintain service availability, efficient management of resources and optimization of system performance through prediction of future performance and capacity requirements."
BAI04 Managed Availability and Capacity
Which Governance or Management Objective has the following purpose statement? "Prepare and commit stakeholders for business change and reduce the risk of failure."
BAI05 Managed Organizational Change
Which Governance or Management Objective has the following purpose statement? "Enable fast and reliable delivery of change to the business. Mitigate the risk of negatively impacting the stability or integrity of the changed environment"
BAI06 Managed IT Changes
Which Governance or Management Objective has the following purpose statement? "Implement solutions safely and in line with the agreed expectations and outcomes."
BAI07 Managed IT Change Acceptance and Transitioning
Which Governance or Management Objective has the following purpose statement? "Provide the knowledge and information required to support all staff in the governance and management of enterprise I&T and allow for informed decision making."
BAI08 Managed Knowledge
Which Governance or Management Objective has the following purpose statement? "Account for all I&T assets and optimize the value provided by their use."
BAI09 Managed Assets
Which Governance or Management Objective has the following purpose statement? "Provide sufficient information about service assets to enable the service to be effectively managed. Assess the impact of changes and deal with service incidents."
BAI10 Managed Configuration
Which Governance or Management Objective has the following purpose statement? "Realize defined project outcomes and reduce the risk of unexpected delays, costs and value erosion by improving communications to and involvement of business and end users. Ensure the value and quality of project deliverables and maximize their contribution to the defined programs and investment portfolio."
BAI11 Managed Projects
"A governance framework should be based on a conceptual model, identifying the key components and relationships among components, to maximize consistency and allow automation" is an example of which Governance Framework Principle?
Based on conceptual model
What are the 4 publications for COBIT 2019 that are available?
Framework: into and Methodology Framework: Gov. and Management Obj. Design Guide Implementation Guide
The 4 ranges or available ratings for capability levels are:
Fully- 85%+ Largely- 50-85% Partially- 15-50% Not- <15%
The CPM model largely aligns to and extends _______
CMMI Development V2.0 concepts
____ components are described in the COBIT core model and apply in principle to any situation
Generic
In which phase of the implementation road map would current change drivers be identified?
Phase 1 What are the drivers?
_____ are factors that individually or collectively contribute tot eh good operation of the enterprise's governance system over I&T
Components
Which BSC dimension does the following alignment goal fall under: Agility to turn business requirements into operational solutions
Customer
Which BSC dimension does the following alignment goal fall under: Delivery of I&T services in line with business requirements
Customer
Which BSC dimension does the following enterprise goals fall under: Business-service continuity nd availability
Customer
Which BSC dimension does the following enterprise goals fall under: Customer-oriented service culture
Customer
Which BSC dimension does the following enterprise goals fall under: Quality of management information
Customer
Which governance and management domain addresses the operational delivery and support of I&T services, including security?
DSS Deliver, Service, and Support
Which Governance or Management Objective has the following purpose statement? "Deliver I&T operational product and service outcomes as planned."
DSS01 Managed Operations
Which Governance or Management Objective has the following purpose statement? "Achieve increased productivity and minimize disruptions through quick resolution of user queries and incidents. Assess the impact of changes and deal with service incidents. Resolve user requests and restore service in response to incidents."
DSS02 Managed Service Requests and Incidents
Which Governance or Management Objective has the following purpose statement? "Increase availability, improve service levels, reduce costs, improve customer convenience and satisfaction by reducing the number of operational problems, and identify root causes as part of problem resolution."
DSS03 Managed Problems
Which Governance or Management Objective has the following purpose statement? "Adapt rapidly, continue business operations and maintain availability of resources and information at a level acceptable to the enterprise in the event of a significant disruption (e.g., threats, opportunities, demands)."
DSS04 Managed Continuity
Which Governance or Management Objective has the following purpose statement? "Minimize the business impact of operational information security vulnerabilities and incidents."
DSS05 Managed Security Services
Which Governance or Management Objective has the following purpose statement? "Maintain information integrity and the security of information assets handled within business processes in the enterprise or its outsourced operation."
DSS06 Managed Business Process Controls
In which governance and management domain would the governing body evaluate strategic options, direct senior management on the chosen strategic options and monitor the achievement of the strategy?
EDM Evaluate, Direct, and Monitor
Which Governance or Management Objective has the following purpose statement? "Provide a consistent approach integrated and aligned with the enterprise governance approach. I&T related decisions are made in line with the enterprise's strategy and objectives and desired value is realized. To that end, ensure that I&T-related processes are overseen effectively and transparently; compliance with legal, contractual, and regulatory requirements is confirmed; and the governance requirements for board members are met"
EDM01 Ensured Governance Framework Setting and Maintenance
Which Governance or Management Objective has the following purpose statement? "Secure optimal value from I&T-enabled initiatives, services, and assets; cost-effecient delivery of solutions and services; and a reliable and accurate picture of costs and likely benefits so that business needs are supported effectively and efficiently"
EDM02 Ensured Benefits Delivery
Which Governance or Management Objective has the following purpose statement? "Ensure that I&T-related enterprise risk does not exceed the enterprise's risk appetite and risk tolerance, the impact of I&T related risk to enterprise value is identified and managed, and the potential for compliance failures is minimized"
EDM03 Ensured Risk Optimization
Which Governance or Management Objective has the following purpose statement? "Ensure that stakeholders are supportive of the I&T strategy and road map, communication to stakeholders is effective and timely, and the basis for reporting is established to increase performance. Identify areas for improvement and confirm that I&T-related objectives and strategies are in line with the enterprise's strategy"
EDM05 Ensure Stakeholder Engagement
"A governance system should cover the enterprise end to end, focusing not only on the IT functions but on all I&T" is an example of which Governance System Principle?
End-to-end Governance system
Enterprise strategy is realized through the achievement of a set of _____________
Enterprise goals
List the design factors
Enterprise strategy Enterprise goals Risk Profile I&T related issues ------------------------ Threat landscape Compliance requirements Role of IT Sourcing model for IT IT implementation methods Technology adoption strategy Enterprise size
Which BSC dimension does the following alignment goal fall under: I&T compliance and support for business compliance with external laws and regulations
Financial
Which BSC dimension does the following alignment goal fall under: Managed I&T-related risk
Financial
Which BSC dimension does the following alignment goal fall under: Realized benefits from I&T-enabled investments and service portfolio
Financial
Which BSC dimension does the following enterprise goals fall under: Compliance with external laws and regulations
Financial
Which BSC dimension does the following enterprise goals fall under: Managed business risk
Financial
Which BSC dimension does the following enterprise goals fall under: Portfolio of competitive products and services
Financial
Which BSC dimension does the following enterprise goals fall under: Quality of financial information
Financial
"A governance system should clearly distinguish between governance and management" is an example of which Governance System Principle?
Governance distinction from management
Which BSC dimension does the following enterprise goals fall under: Managed digital transformation programs
Growth
Which BSC dimension does the following enterprise goals fall under: Product and business innovation
Growth
In the "Role of IT" Design factor, which of the following describes a SUPPORT IT role?
IT is not crucial for the running and continuity of the business process and services, nor for their innovatio
In the "Role of IT" Design factor, which of the following describes a TURNAROUND IT role?
IT is seen as a driver for innovating business processes and services. At this moment, however, there is not a critical dependency on IT for the current running and continuity of the business processes and services
Which BSC dimension does the following alignment goal fall under: Delivery of programs on time, on budget and meeting requirements and quality standards
Internal
Which BSC dimension does the following alignment goal fall under: Enabling and supporting business processes by integrating applications and technology
Internal
Which BSC dimension does the following alignment goal fall under: I&T compliance with internal policies
Internal
Which BSC dimension does the following alignment goal fall under: Quality of I&T management information
Internal
Which BSC dimension does the following alignment goal fall under: Security of information, processing infrastructure and applications, and privacy
Internal
Which BSC dimension does the following enterprise goals fall under: Compliance with internal policies
Internal
Which BSC dimension does the following enterprise goals fall under: Optimization of business process costs
Internal
Which BSC dimension does the following enterprise goals fall under: Optimization of internal business process functionality
Internal
Which BSC dimension does the following enterprise goals fall under: Staff skills, motivation, and productivity
Internal
Which BSC dimension does the following alignment goal fall under: Competent and motivated staff with mutual understanding of technology and business
Learning and Growth
Which BSC dimension does the following alignment goal fall under: Knowledge, expertise and initiatives for business innovation
Learning and Growth
Which governance and management domain addresses performance monitoring and conformance of I&T with internal performance targets, internal control objectives, and external requirements?
MEA Monitor, Evaluate, and Assess
Which Governance or Management Objective has the following purpose statement? "Provide transparency of performance and conformance and drive achievement of goals."
MEA01 Managed Performance and Conformance Monitoring
Which Governance or Management Objective has the following purpose statement? "Obtain transparency for key stakeholders on the adequacy of the system of internal controls and thus provide trust in operations, confidence in the achievement of enterprise objectives and an adequate understanding of residual risk."
MEA02 Managed System of Internal Control
Which Governance or Management Objective has the following purpose statement? "Ensure that the enterprise is compliant with all applicable external requirements."
MEA03 Managed Compliance With External Requirements
Which Governance or Management Objective has the following purpose statement? "Enable the organization to design and develop efficient and effective assurance initiatives, providing guidance on planning, scoping, executing and following up on assurance reviews, using a road map based on well-accepted assurance approaches."
MEA04 Managed Assurance
What are the impacts of design factors on a governance and management system?
Management objective priority and target capability levels Component variations Specific focus area
"A governance framework should be open and flexible. It should allow the addition of new content and the ability to address new issues in the most flexible way, while maintaining integrity and consistency" is an example of which Governance Framework Principle?
Open and flexible
Components of a governance system include:
PPOCISP Processes Policies, principles, and frameworks Organizational structure Culture, ethics, and behavior Information Services People, skills, competencies
_________ represents a general term for all activities and methods. It expresses how well the governance and management system and all the components of an enterprise work, and how they can be improved to achieve the required level
Performance management
In which phase of the implementation road map would I&t-related objectives be aligned with enterprise strategies and risk, and prioritizes the most important enterprise goals, alignment goals, and processes?
Phase 2 Where are we now?
In which phase of the implementation road map would targets for improvement be set folllowed by a gap analysis to identify possible solutions?
Phase 3 Where do we want to be?
In which phase of the implementation road map would you define projects supported by justifiable business cases and a change planfor implementation?
Phase 4 What needs to be done?
In which phase of the implementation road map would you implement the proposed solution via day to day practices and establish measures and monitoring systems to ensure business alignment is achieved and performance can be measured?
Phase 5 How do we get there?
In which phase of the implementation road map would you focus on sustainable transition of the improved practices into normal business operations?
Phase 6 Did we get there?
During which phase in the implementation lifecycle would you review effectiveness?
Phase 7 How do we keep the momentum going?
In which phase of the implementation road map would you review the overall success, identify further requirements, and prioritize further opporunities to improve?
Phase 7 How do we keep the momentum going?
What are the 3 rings in the implementation lifecycle?
Program management Change enablement Continual improvement lifecycle
"A governance system should be tailored to the enterprise's needs, using a set of design factors as parameters to customize and prioritize the governance system components" is an example of which Governance System Principle?
Tailored to enterprise needs
The COBIT 2019 Performance management principles are:
The CPM should be simple to understand and use The CPM should be consistent with, and support, the COBIT conceptual model The CPM should provide reliable, repeatable and relevant results The CPM must be flexible The CPM should support different types of assessments
The steps in the governance system design flow are:
Understand the enterprise context and strategy Determine the initial scope of the governance system (first 4 design factors) Refine the scope pf the governance system (remaining design factors) Conclude the governance system design
______ components are based on generic components but are tailored for a specific purpose or context within a focus area
Variants
What are the 7 phases to the COBIT implementation model?
What are the drivers? Where are we now? Where do we want to be? What needs to be done? How do we get there? Did we get there? How do we keep the momentum going?
In the "Role of IT" Design factor, which of the following describes a FACTORY IT role?
When IT fails, there is an immediate impact on the running and continuity of the business process and services. However, IT is not seen as a driver for innovation business processes and services
A _______ describes a certain governance topic, domain, or issue that can be addressed by a collection of governance and management objectives and their components
focus area
COBIT 2019 defines _____ as a measure of how well a process is implemented and performing
capability level
A ____________ is an internal or external event, condition, or key issue that serves as a stimulus for change
change driver
The extent to which information is applicable to the task of the information user and is presented in an intelligible and clear manner, recognizing that information quality depends on the context of use is _____________
contextual
____________ are associated with maturity levels
focus areas
The extent to which data values are in conformance with the actual or true value is ________
intrinsic
COBIT 2019 defines ___________ as a performance measure on the focus area level
maturity level
______________ are associated with capability levels
process activities
"A governance system should be customized to the enterprise's needs, using a set of design factors as parameters to customize and prioritize the governance system components" is an example of which Governance System Principle? A.Tailored to enterprise needs B.Open and flexible C.Goals cascade
A
A rating of FULLY indicates which of the following? A.The capability level is achieved for more than 85 percent. B.The capability level is achieved between 15 percent and 50 percent. C.The capability level is achieved less than 15 percent.
A
The 3 main outcome that can be expected after successful adoption of EGIT:
Benefits realization Risk optimization Resource optimization
COBIT 2019 Performance management supports which industry-based process capability scheme? A.CMMI-based process capability scheme. B.COBIT has its own capability scheme and does not support any industry-based frameworks. C.Skills Framework for the Information Age (SFIA).
A
Designing a tailored governance system will result in recommendations for prioritizing governance and management objectives or related governance system components, for ____________, or for adopting specific variants of a governance system component. A.target capability levels B.documenting the four enabler dimensions C.documenting the most appropriate accountabilities and responsibilities
A
Governance ________ are factors that, individually and collectively, contribute to the good operations of the enterprise's governance system over I&T and were known as enablers in COBIT 5. A.components B.goals C.practices
A
In the "Role of IT" Design factor, which of the following describes a STRATEGIC IT role? A.IT is critical for both running and innovating the organization's business processes and services. B.When IT fails, there is an immediate impact on the running and continuity of the business processes and services. However, IT is not seen as a driver for innovating business processes and services. C.IT is not crucial for the running and continuity of the business process and services, nor for their innovation.
A
In which phase of the implementation lifecycle would an enterprise "Define the Road Map" for the implementation? A.Phase 3, Where do we want to be? B.Phase 6, Did we get there? C.Phase 1, Assess Current State
A
Management ensures that: A.IT plans, builds, runs and monitors activities, in alignment with the direction set by the governance body, to achieve the enterprise objectives. B.Stakeholder needs, conditions and options are evaluated to determine balanced, agreed-on enterprise objectives. C.Direction is set through prioritization and decision making. ●
A
Phase _________ of the Implementation lifecycle sets a target for improvement followed by a gap analysis to identify potential solutions. A.3, Where do we want to be? B.1, What are the drivers? C.2, What needs to be done
A
The Management Objective, Managed Problems is part of which Management Domain? A.Deliver, Service and Support B.Monitor, Evaluate and Assess C.Ensured Benefits Delivery
A
Which Governance or Management Objective has the following purpose statement? "Realize defined project outcomes and reduce the risk of unexpected delays, costs and value erosion by improving communications to and involvement of business and end users. Ensure the value and quality of project deliverables and maximize their contribution to the defined programs and investment portfolio." A.BAI11 Managed Projects B.BAI02 Managed Requirements Definition C.APO09 Managed Service Agreements
A
Which of the following best describes COBIT? A.COBIT is a framework for the governance and management of enterprise information and technology. B.COBIT is a full description of the whole IT environment of an enterprise. C.COBIT is a framework to organize business processes.
A
Which of the following is INCORRECT regarding COBIT and other standards and frameworks? A.COBIT only focuses on standards and does not consider other frameworks or best practices B.COBIT does not copy the contents of these related standards. C.COBIT provides equivalent statements or references to related guidance.
A
Which of the following is NOT a component of the governance system? A.Enterprise size B.Organizational structures C.Information
A
Which of the following is the correct set of steps in the governance system design workflow? A.Understand the enterprise context and strategy; Determine the initial scope of the governance system; Refine the scope of the governance system; Conclude the governance system design. B.What are the drivers; Where are we now; Where to we want to be; What needs to be done; How do we get there; Did we get there; How do we keep the momentum going. C.Direct the governance system; Plan the governance system; Build the governance system; Run the governance system; Monitor the governance system.
A
Match the domain with the appropriate description: Enable the right knowledge, skills and behaviors to create improved outcomes, increased confidence, mutual trust and effective use of resources that stimulate a productive relationship with business stakeholders.
APO08: Managed Relationships
COBIT is
Aimed at the whole enterprise Makes a clear distinction between governance and management
Match the stakeholder with the appropriate benefits: Helps to manage dependency on external service providers, get assurance over IT, and ensure the existence of an effective and efficient system of internal controls
Assurance Providers
Select the stakeholder who receives the following benefit of COBIT. "Helps to manage dependency on external service providers, get assurance over IT, and ensure the existence of an effective and efficient system of internal controls" Boards Executive Management Business Managers IT Managers Assurance Providers Risk Management Regulators Business Partners IT Vendors
Assurance providers
A governance or management objective always relates to _____ and a series of related components of other types to help achieve the objective. A.compliance requirements B.one process C.one governance framework principle
B
In which stage of the Governance System Design Workflow would an enterprise consider the current I&T-related issues? A.Understand enterprise strategy B.Determine the initial scope of the governance system C.Plan program
B
In which step of the Governance System Design Workflow would you resolve inherent priority conflicts? A.Step 2, Determine the initial scope of the governance system B.Step 4, Conclude the governance system design C.Step 1, What are the drivers?
B
More information and detailed guidance on how to use the design factors for designing a governance system can be found in the ___________ publication. A.COBIT 2019 Implementation Guide B.COBIT 2019 Design Guide C.COBIT 2019 Enabler Guide
B
The Implementation lifecycle has three perspectives, or rings. Which of the following is the correct description of these? A.Portfolio Management, Program Management, Project Management B.Program Management, Change Enablement, Continual Improvement C.Initiate program, establish desire to change, recognize need to act
B
When rating capability levels, less formal methods often include which of the following range of ratings based on COBIT Performance Management suggestions? A.0, 1, 2, 3, 4, 5 B.Fully, Largely, Partially, Not C.High, medium, low
B
Which COBIT 2019 Publication explores factors that can influence governance and includes a workflow for planning a tailored governance system for the enterprise? A.The COBIT 2019 Framework: Governance and Management Objectives B.The COBIT 2019 Design Guide C.The COBIT 2019 Implementation Guide
B
Which Governance or Management Objective has the following purpose statement? "Achieve competitive advantage, business innovation, improved customer experience, and improved operational effectiveness and efficiency by exploiting I&T developments and emerging technologies." A.APO01 Managed Service Catalog B.APO04 Managed Innovation C.BAI08 Managed Knowledge
B
Which of the following describes the correct sequence in the goals cascade? A.EDM, APO, BAI, DSS, MEA B.Stakeholder drivers and needs, enterprise goals, alignment goals, governance and management objectives C.Where are we now, where do we want to be, how do we get there, how do we keep the momentum
B
Which of the following is INCORRECT regarding Enterprise Governance of Information and Technology? A.Exercised by the board that oversees the definition and implementation of processes, structures and relational mechanisms. B.The organization's CIO is accountable for the Enterprise Governance of Information and Technology C.Enables both business and IT people to execute their responsibilities in support of business/IT alignment.
B
Which of the following is NOT CORRECT regarding Governance and Management Objectives? A.A governance or management objective always relates to one process and a series of related components of other types to help achieve the objective. B.A governance objective relates to a governance process, while a management objective relates to a governance component. C.Governance processes typically are under the accountability of boards and executive management; management processes are the domain of senior and middle management.
B
Which two levels of involvement does COBIT 2019 identify within the updated RACI chart? A.Consulted and informed B.Responsible and accountable C.Ownership and delegated
B
Match the domain with the appropriate description: Implement solutions safely and in line with the agreed expectations and outcomes.
BAI07 BAI07: Managed IT Change Acceptance and Transitioning
Select the stakeholder who receives the following benefit of COBIT. "Provides insights on how to get value from the use of I&T and explains relevant board responsibilities" Boards Executive Management Business Managers IT Managers Assurance Providers Risk Management Regulators Business Partners IT Vendors
Boards
Select the stakeholder who receives the following benefit of COBIT. "Helps to understand how to obtain the I&T solutions enterprises require and how best to exploit new technology for new strategic opportunities" Boards Executive Management Business Managers IT Managers Assurance Providers Risk Management Regulators Business Partners IT Vendors
Business Managers
Select the stakeholder who receives the following benefit of COBIT. "Helps to ensure that a business partner's operations are secure, reliable, and compliant with applicable rules and regulations" Boards Executive Management Business Managers IT Managers Assurance Providers Risk Management Regulators Business Partners IT Vendors
Business partners
"An organized set of practices and activities to achieve certain objectives and produce a set of outputs that support achievement of overall IT-related goals" is a description of which of the following? A.Process Design Factor B.Organizational Structures Component C.Process Component
C
"Provides guidance on how to organize and monitor performance of I&T across the enterprise" is associated with which of the following internal stakeholders? A.Boards B.Business partner C.Executive management
C
During phase 7 of the Implementation lifecycle, which of the following tasks would be part of Change Enablement? A.Review effectiveness B.Monitor and evaluate C.Sustain
C
How many Governance and Management Objectives are in the COBIT Core? A.5 B.37 C.40
C
In Phase 1 of the Implementation lifecycle, a _________ is identified as an internal or external event, condition or key issue that serves as a stimulus for change. A.Governance objective B.Business case C.Change driver
C
The Goals Cascade uses _______ relationships to describe the connection between enterprise goals, alignment goals and governance and management objectives. A.Responsible and accountable B.Maturity and capability C.Primary and secondary
C
The Management Objective, Managed Vendors is part of which Management Domain? A.Evaluate, Direct and Monitor B.Capability level 5 C.Align, Plan and Organize
C
What is the best description of the alignment between the COBIT Implementation and Design Guides? A.They both require all Governance and Management objectives to be assessed at a high maturity level. B.Both approaches have seven steps, and each of those steps aligns with each other. C.The COBIT Design Guide primarily aligns with the first three phases of the implementation lifecycle.
C
What is the primary difference between Governance System Principles and Governance Framework Principles? A.Governance System Principles focus on stakeholder needs while Governance Framework Principles focus on Information and Technology (I&T) needs. B.Governance System Principles and Governance Framework Principles are the same thing in COBIT 2019. C.Governance System Principles describe the core requirements for a governance system while Governance Framework Principles focus on building that governance system.
C
When developing a business case, which of the following is an applicable reference when deriving challenges and success factors? A.COBIT Design Factors B.The COBIT 2019 Implementation Guide C.All of the above
C
Which of the following includes good practices for organizational structures that can be used to assess performance of this component? A.RACI chart evaluation B.Understanding principles, policies and procedures C.Escalation procedures
C
Which of the following is NOT a role or organizational structure defined in the context of COBIT 2019? A.Relationship Manager B.Chief Digital Officer C.COBIT Framework Owner
C
Which of the following is a Management Domain? A.Evaluate, Direct and Monitor B.Balanced Scorecard C.Deliver, Service and Support
C
Which of the following is a design factor for a governance system that supports prioritization of management objectives based on prioritization of enterprise goals? A.Balanced scorecard B.Holistic approach C.Risk Profile
C
Which of the following is a key principle to COBIT Performance Management (CPM)? A.The CPM should include 5 levels of capability and maturity. B.Assessing performance should be completed at the governance component level only. C.The CPM should support different types of assessments.
C
Which process capability level indicates that the process achieves its purpose, is well defined, and its performance is (quantitatively) measured? A.Level 0 B.Level 2 C.Level 4
C
Within the COBIT Goals Cascade, under which Balanced Scorecard dimension would you find the Enterprise Goal "Managed digital transformation programs?" A.Align, Plan and Organize (APO) B.DevOps C.Growth
C
______________ are factors that can influence the design of an enterprise's governance system and position it for success in the use of I&T. A.Components of the governance system B.Alignment goals C.Design factors
C
Match the governance component with the definition provided: Often underestimated as factors in the success of governance and management activities.
Culture, Ethics and Behavior
Match the domain with the appropriate description: Deliver I&T operational product and service outcomes as planned.
DSS01: Managed Operations
"A governance system should be dynamic. This means when one or more of the design factors are changed, the impact of these changes must be considered" is an example of which Governance System Principle?
Dynamic governance system
Match the domain with the appropriate description: Ensure that I&T-related enterprise risk does not exceed the enterprise's risk appetite and risk tolerance, the impact of I&T risk to enterprise value is identified and managed, and the potential for compliance failures is minimized.
EDM03: Ensured Risk Optimization
Which BSC dimension does the following alignment goal fall under: Quality of technology-related financial information
Financial
Enterprise governance of I&T (EGIT) is
EGIT is an integral part of corporate governance. Exercised by the board that oversees the definition and implementation of processes, structures and relational mechanisms. Enables both business and IT people to execute their responsibilities in support of business/IT alignment. Enables creation of business value from I&T-enabled business investments.
The context of enterprise governance of I&T is:
Enterprise governance of IT -> Business/IT Alignment -> Value Creation
Match the stakeholder with the appropriate benefits: Provides guidance on how to organize and monitor performance of I&T across the enterprise.
Executive Management
Select the stakeholder who receives the following benefit of COBIT. "Provides guidance on how to organize and monitor performance of I&T across the enterprise" Boards Executive Management Business Managers IT Managers Assurance Providers Risk Management Regulators Business Partners IT Vendors
Executive management
Match the descriptions of the governance and management objectives as they are described in the Governance and Management Objectives guide: Supported alignment goals, applicable enterprise goals, example metrics
Goals Cascade
______ ensures that: Stakeholder needs, conditions, and options are evaluated to determine balance, agreed-on enterprise objectives Direction is set through prioritization and decision making Performance and compliance are monitored against agreed-on direction and objectives
Governance
Match the descriptions of the governance and management objectives as they are described in the Governance and Management Objectives guide: Domain name, focus area, governance or management objective name, description, purpose statement
High Level Information
"A governance system for enterprise I&T is buitl from a number of components that can be of different types and that work together" is an example of which Governance System Principle?
Holistic approach
Match the stakeholder with the appropriate benefits: Provides guidance on how best to build and structure the IT department, manage performance of IT, run an efficient and effective IT operation, control IT costs, align IT strategy to business priorities, etc.
IT Managers
Select the stakeholder who receives the following benefit of COBIT. "Provides guidance on how best to build and structure the IT department, manage performanc of IT, run an efficient and effective IT operation, control IT costs, align IT strategy to business priorities, etc." Boards Executive Management Business Managers IT Managers Assurance Providers Risk Management Regulators Business Partners IT Vendors
IT managers
Select the stakeholder who receives the following benefit of COBIT. "Helps to ensure that an IT vendor's operations are secure, reliable, and compliant with applicable rules and regulations" Boards Executive Management Business Managers IT Managers Assurance Providers Risk Management Regulators Business Partners IT Vendors
IT vendors
Match the governance component with the definition provided: Includes all information produced and used by the enterprise.
Information Flows and Items
Match the Focus area MATURITY levels with the correct definition: Incomplete- work may or may not be completed toward achieving the purpose of governance and management objectives in the focus are
L0
Match the Focus area MATURITY levels with the correct definition: Initial- work is completed, but the full goal and intent of the focus area are not yet achieved
L1
Match the Focus area MATURITY levels with the correct definition: Managed- planning and performance measurement take place, although not yet in a standardized way
L2
Match the Focus area MATURITY levels with the correct definition: Defined- enterprise wide standards provide guidance across the enterprise
L3
Match the Focus area MATURITY levels with the correct definition: Quantitative- The enterprise is data driven with quantitative performance improvement
L4
Match the Focus area MATURITY levels with the correct definition: Optimizing- The enterprise is focused on continual improvement
L5
COBIT is NOT
Limited to the IT department A full description of the whole IT environment of an enterprise An IT technical framework to manage all technology Make or prescribe any IT-related decisions
What are the 3 governance framework principles?
MOS: on conceptual model Open and flexible Aligned to major standards
______ Plans, builds, runs, and monitors activities, in alignment with the direction set by the governance body, to achieve the enterprise objectives
Management
Identify the correct type of stakeholder (internal or external) for the following: Boards Executive Management Regulators Business Partners Business Managers IT Managers IT Vendors Assurance Providers Risk Management
Only 3 external are: REGULATOR BUSINESS PARTNER IT VENDOR
Match the governance component with the definition provided: The key decision-making entities in an enterprise.
Organizational Structures
Match the governance component with the definition provided: Required for good decisions, execution of corrective action and successful completion of all activities.
People, Skills and Competencies
Match the governance component with the definition provided: Translates desired behavior into practical guidance for day-to-day management.
Principles, Polices and Procedures
Match the governance component with the definition provided: Describe an organized set of practices and activities to achieve certain objectives and produce a set of outputs that support achievement of overall IT-related goals.
Processes
"Each enterprise needs a governance system to satisfy stakeholder needs and to generate value from the use of I&T" is an example of which Governance System Principle?
Provide stakeholder value
Match the stakeholder with the appropriate benefits: Helps to ensure the enterprise is compliant with applicable rules and regulations and has the right governance system in place to manage and sustain compliance.
Regulators
Select the stakeholder who receives the following benefit of COBIT. "Helps to ensure the enterprise is complian with applicable rules and regulations and has the right governance system in place to manage and sustain compliance" Boards Executive Management Business Managers IT Managers Assurance Providers Risk Management Regulators Business Partners IT Vendors
Regulators
Match the descriptions of the governance and management objectives as they are described in the Governance and Management Objectives guide: Processes, Organizational structures, Information flows and items, People, skills and competencies, Policies and frameworks, Culture, ethics and behavior, Services, infrastructure and applications
Related Components
Match the descriptions of the governance and management objectives as they are described in the Governance and Management Objectives guide: Standards, frameworks and compliance requirements, Detailed reference
Related Guidance
Select the stakeholder who receives the following benefit of COBIT. "Helps to ensure the identification and management of all IT-related risk" Boards Executive Management Business Managers IT Managers Assurance Providers Risk Management Regulators Business Partners IT Vendors
Risk management
What are the 6 principles of the governance system?
SHEDDT: Provide stakeholder value Holistic approach Dynamic governance system Governance distinct from management Tailored to enterprise needs End-to-end governance system
Match the governance component with the definition provided: Includes technology and applications that provide the enterprise with the governance system for I&T processing.
Services, infrastructure and applications
Match the descriptions of the system design workflow with the correct description: Understand the enterprise context and strategy
Step 1
Match the descriptions of the system design workflow with the correct description: Determine the initial scope of the governance system
Step 2
Match the descriptions of the system design workflow with the correct description: Refine the scope of the governance system
Step 3
Match the descriptions of the system design workflow with the correct description: Conclude the governance system
Step 4
Which of these are Principles for a Governance System, and which are Principles for a governance framework? Provide Stakeholder Value Holistic approach Based on conceptual model Dynamic governance system Aligned to major standards Governance distinct from management Tailored to enterprise needs End-to-end governance system Open and flexible
The thee framework principles are: Based on a conceptual model Aligned to major standards Open and flexible
The target audiance for COBIT is ____________________
the stakeholders for EGIT
EGIT is fundamentally concerned with ____
value delivery
