SIMULACIN 01 COBIT FOUNDATION 1) Which of the following is the most significant c

oncern in the management of IT? a) Making technology work correctly b) Keeping I

T running c) Keeping up to date with the latest solutions d) Supporting develope
rs with toolkits 2) What is an essential attribute of successful performance man
agement? a) Frequently achieved targets b) Setting achievable goals c) Threateni
ng sanctions if targets are not met d) Metrics defined and approved by the stake
holders 3) Which of the following is a common reason why IT projects exceed budg
et expectations or deadlines? a) Cost of IT specialists b) Unavailability of the
latest technology c) Underestimation of the effort required d) Lack of automati
on of development tools 4) Which one of the following is a common problem encoun
tered while trying to align IT and the business? a) Use of an external IT consul
tant for project management b) Communication gaps between the business and IT c)
Inadequacy of problem management practices d) Rushing to develop too quickly 5)
Which of the following is a principle of IT Governance? a) Accountability b) Re
liability c) Availability d) Probability 6) Which of one of these is a strategic
objective? a) Delivering on time and budget b) Zero faults c) Developing system
s in house d) Devising strategies to achieve stated goals 7) Which of the follow
ing is a potential benefit of strategic alignment? a) Cost-effective administrat
ion and management b) Use of the latest technology c) Being first to market d) D
elivery on time and within budget 8) Which of the following is an important comp
onent of risk management? a) Taking no risks b) Canceling any initiative that is
risky c) Understanding the appetite for risks d) Using old tried and testes sys
tems 9) Which of the following represents an organizational perspective of a bal
anced scorecard? a) A dashboard b) A metric c) A bonus scheme d) A customer 10)
Which of the following is a characteristic of a control framework? a) Strict rul
es b) Penalty for noncompliance c) Process orientation d) Measurement system 11)
Which of the following is a key benefit of IT Governance? a) Lower IT costs b)
Responsiveness of IT c) Greater use of technology d) Increased budget for IT pro
jects 12) Which of the following is the best way to use COBIT? a) To improve all
IT process b) As a mandatory standard c) As a guide for the business to maximiz
e the benefits of IT d) To help prioritize which IT process to focus on

13) How does the COBIT Framework help an organization implement IT Governance? a
) It contains ready-made work programs b) It provides policies and standards tha
t can be mandated c) It provides good practice and guidance d) It has controls t
hat can be implemented as they are 14) Which of the following is a component of
the COBIT Framework? a) Policies b) Audit Programs c) Implementation Guidance d)
IT Resources 15) What is a Control Objective? a) A metric to be achieved by imp
lementing control procedures in a particular activity b) A level of maturity to
be achieved by implementing control procedures in a particular activity c) A sta
tement of the desired result on purpose to be achieved by implementing control p
rocedures in a particular activity d) A critical success factor to be achieved b
y implementing control procedures in a particular activity 16) What tool within
COBIT helps the business and IT understand the business requirements for informa
tion? a) Information Criteria b) Critical Success Factor c) Control Objective d)
Maturity Model 17) KPIs measure performance of: a) Control Practices b) Objecti
ves c) Controls d) IT Processes 18) Which of the following is a COBIT security r
equirement? a) Compliance b) Availability c) Reliability d) Efficiency 19) Which
of the following is a COBIT Information Criteria? a) Fiduciary b) Quality c) Ef
fectiveness d) Security 20) What do Key Goal Indicators (KGIs) measure? a) Matur
ity levels b) Process performance c) Degree of control d) The achievement of an
objective 21) Which of the following is a COBIT IT Resource? a) Database b) Infr
astructure c) Operating System d) Contractor 22) Which COBIT IT Resource can be
defined as the automated user systems and manual procedures that process informa
tion? a) Applications b) Process c) Systems d) Technology 23) Which of the follo
wing is a key feature of resource optimization? a) Hiring low cost manpower b) R
etaining hardware to minimize replacement costs c) Buying only proven products d
) Optimizing costs 24) Maturity Models help organizations to: a) Meet goals and
objectives b) Evaluate controls c) Determine the capability of the current proce
ss d) Define performance measures

25) How can COBIT be used along with other international best practices and stan
dards, such as ITIL and ISO 17799? a) To integrate the deployment of the require
d standards b) As an implementation method c) To validate the appropriateness of
the other standard d) As another view of the same area to support an approach 2
6) Which framework is increasingly accepted as the standard response for general
ly assessing IT controls? a) ITIL b) COBIT c) ISO 17799 d) CMM 27) Which of the
following is a key benefit of IT Governance? a) Greater awareness of technical s
olutions b) Ability to be an IT leader c) Confidence of top management in IT d)
Increased IT investment 28) Which part of the COBIT toolset will help the busine
ss and IT understand how to measure results? a) Management Guidelines b) Framewo
rk c) Control Objectives d) IT Governance Implementation Guide 29) Key Performan
ce Indicators are factors that: a) Identify key controls b) Identify key process
c) Positively influence the process outcome d) Focus on control practices 30) W
hich level of maturity in the COBIT processes is usually associated with a proce
ss being "standardized, documented and communicated?" a) Level 3 - defined b) Le
vel 2 - repeatable c) Level 4 - managed d) Level 1 - initial 31) COBIT Security
Baseline is a(n): a) Specialists guide to security b) Nontechnical security guid
e and reference to security-related objectives c) Security audit program for aud
itors d) Implementation road map for security professionals 32) COBIT's definiti
on of fiduciary requirements differ from that of COSO in that COBIT expands the
scope to include: a) Security b) All information c) Operations d) Systems develo
pment 33) COBIT is a framework that focuses on: a) How to do it rather than what
needs to be achieved b) What needs to be achieved rather than how to do it c) W
hat needs to be organized rather than what needs to achieved d) What needs to be
implemented rather than how measure it 34) The COBIT Framework treats informati
on as the result of the combined application of IT Resources that are managed by
: a) Information Criteria b) Control Objectives c) IT Process d) Metrics 35) The
COSO Framework is a framework to help organizations establish and determine: a)
Accounting standards b) Auditing standards c) Investment decisions d) The effec
tiveness of the internal controls 36) Which of the following COBIT IT Processes
addresses the need for "program and project risk assessment"? a) PO1 - Define a
strategic IT Plan b) PO8 - Manage quality c) PO9 - Assess and manage IT risks d)
PO10 - Manage projects

37) Which COBIT resource provides benchmarking capabilities? a) COBIT Quickstart

b) COBIT Security Baseline c) IT Governance Implementation Guide d) COBIT Onlin
e 38) The percentage of projects completed on time and on budget is a COBIT KGI?
a) True b) False 39) Which of the following aspects of COBIT can be benchmarked
in COBIT Online? a) Use of IT Resources b) Use of Information Criteria c) Proce
ss Maturity Levels d) Use of Domains 40) COBIT QuickStart is most useful for: a)
Senior management b) Small and medium sized enterprises (SMEs) c) Auditors d) C
ontrol Specialists
1. B 2. D 3. C 4. B 5. A 6. D 7. A 8. C 9. D 10. C
RESPUESTAS 11. B 21. B 12. D 13. C 14. D 15. C 16. A 17. D 18. B 19. C 20. D 22.
A 23. D 24. C 25. A 26. B 27. C 28. A 29. C 30. A
31. B 32. B 33. B 34. C 35. D 36. D 37. D 38. A 39. C 40. B

SIMULACIN 02 COBIT FOUNDATION 1) What is the likely problem encountered when tryi
ng aligning IT with business? a) The projects are too complex b) Use of external
service providers c) The changes tend to be always urgent d) Inadequate process
implementation 2) To satisfy business requirements, information needs to confor
m to certain criteria, with COBIT component refer as a) IT Process b) IT Domains
c) Information Criteria d) Control Objectives 3) Which level of maturity in COB
IT is associated with a process that has controls in place but is not documented
? a) Level 1 - Initial b) Level 2 - Repeatable c) Level 3 - Defined d) Level 4 Management e) Level 5 Optimized 4) The COSO Framework is widely accepted for a)
IT management b) IT Process c) Support Process d) Internal Controls 5) Which CO
BIT Product enables the users to benchmark and compare their organization with o
thers? a) Community b) COBIT Framework c) COBIT Implementation Tool d) COBIT Onl
ine 6) Which part of COBIT has resources to help assess the capability of IT Pro
cess? a) Control Practices b) IT Governance Implementation Guide c) Management G
uidelines d) Control Objectives 7) What is the main objective of COBIT QuickStar
t? a) Providing a generic road map for implementing IT governance b) Providing g
uidance on why controls are worth implementing c) Focusing the organization on e
ssential steps for implementing information security d) Providing a baseline of
control for the smaller organization 8) CobiT can be used by a number of audienc
es. What is the primary reason given for CobiT benefiting management? a) Assists
obtain assurance on control of IT services. b) Useful to substantiate opinions
about IT internal controls. c) Helps balance risk and control investment decisio
ns. d) A basis to provide advice on IT controls. 9) What does a Key Goal Indicat
or measure? a) Result of a control objective b) Outcome of a business process c)
Performance of an IT process d) A concern of management 10) The CobiT Framework
advocates which one of the following approaches to control implementation? a) P
rocess orientated b) Resource usage c) Baseline controls d) Risk assessment 11)
In the CobiT navigation aid, the control of an IT process is intended to satisfy
which one of the following? a) Control statements b) Business requirements c) C
ontrol practices d) Performance indicators

12) It Governance is best summarized by which one of the following statements? a

) organizational structures, practices, procedures and policies designed to prov
ide assurance b) the purpose to be achieved by implementing control procedures c
) enabling factors of IT processes d) a structure of relationships and processes
to direct and control 13) The CobiT Key Performance Indicators are intended to
be which one of the following? a) Long term goals for IT b) Self assessment scal
es c) Appraisal criteria for staff d) Short, focused and measurable 14) How are
application systems and data treated within the CobiT Framework? a) as a Resourc
e b) as a Critical success factor c) as a Business requirement d) as an IT proce
ss 15) The CobiT defined IT process of Data Management is found in which Domain?
a) Monitoring b) Planning and Organization c) Acquisition and Implementation d)
Delivery and Support 16) Controls Practice provide guidance a) the hierarchy of
control responsibilities b) how to use detail controls objectives c) why contro
ls are needed and how to implement them d) the importance control activities and
tasks 17) Which of the following framework is more used for Capability Maturity
Model related to software development? a) COSO b) ITIL c) CMM d) COBIT 18) Whic
h of the following IT Process help to assure that service providers are meeting
business requirements? a) DS1 Define and Manage Service Levels b) DS3 Manage Per
formance and Capacity c) DS2 Manage Third-party Services d) AI4 Enable Operation
and Use 19) Which of the following is an IT resource identified in COBIT? a) Da
ta Base System b) Network c) Information d) Servers 20) Which of the following i
s an IT Governance Concern of a trading partner? a) System changes are not made
without the partner approval b) The IT systems are based on the latest technolog
y c) The IT operation is cost effective and efficient d) Confidential company in
formation is not given to competitor 21) ISO 17799 provides the detailed how to
do it for: a) service quality b) service delivery c) project management d) infor
mation security management 22) Which COBIT IT Resource can be defined as being h
ardware, operation systems, database management systems, networking and environm
ent? a) Software b) Infrastructure c) Systems d) Technology 23) COSO achieves a
sharp business focus by: a) Focusing on financial return and measurement of bene
fits. b) Setting precise technical objectives and measures. c) Aligning IT with
business objectives using business focused metrics. d) Defining IT processes in
language the business can understand.

24) COBIT aids in the management of IT activities by: a) Establishing the maturi
ty levels for each activity. b) Identifying the control objectives for each acti
vity. c) Defining the steps in each activity. d) Organizing IT activities into w
ell-defined processes. 25) When a process is informal and reactive what is the l
evel of maturity? a) Level 1 - Initial b) Level 2 - Repeatable c) Level 3 - Defi
ned d) Level 4 Managed 26) COBIT is compatible with others standards because it:
a) Covers IT controls b) can be used as project management guide c) is position
ed centrally at the general level d) doesnt have any reference to others standard
s 27) Which of the following is a security requirement within the COBIT Informat
ion Criteria? a) Time b) Effectiveness c) Integrity d) Quality 28) Which COBIT p
roduct provides updated information about COBIT? a) COBIT Framework b) COBIT Imp
lementation tools c) COBIT Online d) COBIT Resources 29) Which of the following
is a characteristic of a control framework? a) Process orientation b) People ori
entation c) Technology orientation d) Resources orientation 30) Key Goal Indicat
ors (KGIs) measure: a) how well the business uses IT b) The achievement of objec
tives c) process performance d) the effectiveness of users of IT services 31) Th
e Information Criteria concerned with the protection of information from unautho
rized disclosure is: a) Compliance b) Reliability c) Availability d) Confidentia
lity 32) In DS2 - Manage Third-party Services an ongoing program that identify a
nd institutionalize best practices indicates which level of maturity? a) Level 2
- Repeatable b) Level 3- Defined c) Level 4- Managed d) Level 5- Optimized 33) W
hich of the following is included as a component part of the COBIT mission? a) P
rovide consulting and implementation services b) Produce an ISO standard c) Cert
ify companies and products d) Develop internationally accepted control objective
s 34) What is the high-level objective concerned to maintain the integrity of in
formation and protect IT assets requires a security management process? a) DS5 E
nsure Systems Security b) DS12 Manage the Physical Environment c) PO9 Assess and
Manage IT Risks d) AI7 Install and Accredit Solutions and Changes 35) What is t
he high-level objective concerned to management of all IT projects? a) PO1 Defin
e a Strategic IT Plan b) PO4 Define the IT Processes, Organization and Relations
hips c) PO5 Manage the IT Investment d) PO10 Manage Projects

36) What is the high-level objective that is related to production of documentat

ion and manuals for users? a) AI1 Identify Automated Solutions b) DS7 Educate an
d Train Users c) DS8 Manage Service Desk and Incidents d) AI4 Enable Operation a
nd Use 37) Which of the following is an IT Key Goal Indicators? a) % of formal S
LA review meetings with business per year b) % of service levels reported c) % o
f service levels reported in an automated way d) % of projects that meet the bud
ge 38) Which of the following is a Key Performance Indicators? a) % of projects
on time, on budget b) % of projects meeting stakeholder expectations c) % of sta
keholders participating in projects (involvement index) d) % of projects in annu
al IT plan subject to feasibility study 39) The COBIT Framework links: a) manage
ments IT expectations to managements IT responsibilities b) audits IT expectatio
ns to managements IT expectations c) managements IT expectations to audits IT re
sponsibilities d) managements IT expectations to business management responsibil
ities 40) COBIT Framework can be used only in large organizations a) True b) Fal
se
RESPUESTAS 1. A 2. C 3. B 4. D 5. D 6. C 7. D 8. C 9. B 10. A 11. B 12. D 13. D
14. A 15. D 16. C 17. C 18. C 19. C 20. A 21. D 22. B 23. A 24. D 25. A 26. C 27
. C 28. C 29. A 30. B 31. D 32. D 33. D 34. A 35. D 36. D 37. D 38. C 39. A 40.
B

SIMULACIN 03 COBIT FOUNDATION 1) Which of the following CobiT high-level Control

Objectives will be most useful when managing service providers? a) PO4 - Define
the IT organization and relationships b) DS1 - Define and manage service levels
c) DS2 - Manage third-party services d) DS8 - Assist and advise customers 2) Wha
t is the IT control model that is based on COSO? a) COBIT b) CMM c) ITIL d) ISO
17799 3) Which of the following IT Processes addresses outsourcing contracts? a)
P04 Define the IT organization and relationships b) POl0 Project management c)
AI3 Acquire and maintain technology infrastructure d) DS2 Manage third-party ser
vices 4) Which component of CobiT will help answer the question: How do I determ
ine whether we are doing the right things? a) Control Objectives b) IT Governanc
e Implementation Guide c) Management Guidelines d) Framework 5) CobiT Security B
aseline is a(n): a) Specialists guide to security b) Implementation road map for
security professionals c) Security audit program for auditors d) Non technical
security guide and reference to security-related objectives 6) The generic matur
ity model approach and method of scoring form nonexistent to "Optimized (from 0
to 5) within CobiT is designed to help organizations understand their: a) Domain
s b) Metrics c) Capabilities d) Controls 7) The CobiT Framework is based upon th
e premise that IT: a) Controls need to be aligned to the requirements of regulat
ors b) Needs to deliver information that will satisfy the requirements of audito
rs c) Functions should be organized to deliver profits to the enterprise d) Need
s to deliver information that the enterprise requires to achieve its objectives
8) Which CobiT product provides an interactive knowledge base? a) IT Governance
Implementation Guide b) CobiT Quickstart assessment tool c) CobiT Online d) Cobi
T Security Baseline Survival Kits 9) The Information Criteria with the provision
of appropriate information for management to operate the entity and exercise it
s financial and compliance reporting responsibilities is: a) Reliability b) Conf
identiality c) Integrity d) Compliance 10) Which of the following is a security
requirement within the CobiT Information Criteria? a) Quality b) Confidentiality
c) Effectiveness d) Delivery 11) Which of the following is the best way to ensu
re the right skills are available to meet the IT strategy? a) Ensure staff are t
rained on the latest available technology b) Hire well qualified and experienced
staff c) Ensure staff are well compensated d) Execute an effective recruitment,
retention and training program 12) CobiT Maturity Models provide a framework to
identify: a) Information Criteria and an ongoing basis to measure controls b) C
ontrols and an ongoing basis to measure Control Practices c) Improvement targets
and an ongoing basis to measure status and progress d) Metrics and an ongoing b
asis to measure goals

13) The CobiT Framework states that to satisfy business objectives, information
needs to conform to certain information criteria, including: a) Efficiency b) De
livery c) Continuity d) Security 14) Which of the following is a component of th
e CobiT Framework? a) Procedures b) Security Objectives c) Business Requirements
/Information Criteria d) Audit Objectives 15) Through which of the following COB
IT Online facilities does ISACA raise its awareness of COBIT users experiences a
nd issues? a) Benchmarking b) Help c) Surveys d) Feedback 16) The best way for o
rganizations to ensure adequate security of their IT environment is by: a) Inves
ting in the latest access control software solutions an focusing on protecting t
he network b) Increasing the awareness of management and users of their responsi
bilities and possible risks c) Focusing on an expert group and employing skilled
security experts and advisors d) Physically protecting vulnerable computer equi
pment and storing them in locked rooms 17) COBIT is a: a) Standard for security
Management b) Framework and a knowledge base for IT processes and their manageme
nt c) Methodology for developing high-quality IT systems d) Best practice for se
rvice management 18) Which of the following can be benchmarked in CobiT Online?
a) Significance of Information Criteria b) Use of Control Practices c) Relevance
of IT Resource d) Importance of a Control Objectives 19) Which of the following
is a characteristic of a control framework? a) Audit trails b) Mandatory limits
c) Business focus d) Exception reports 20) A method for managing risks is risk:
a) Measurement b) Mitigation c) Adjustment d) Taking 21) Which level of maturit
y in the CobiT IT processes is usually associated with a process being monitored
? a) Level 1- Initial b) Level 4- Managed c) Level 3 - Defined d) Level 2 - Repe
atable 22) Which of the following is the most important organizational challenge
facing all organizations today? a) Using the latest technology b) Buying the ri
ght computer systems c) Developing technology solutions d) Determining the appro
priate level of control for IT 23) Which of the following phrases best describe
value delivery? a) Delivery under budget b) Delivery of promised benefits at a r
easonable cost c) Promising the lowest price d) Using systems out of the box to
save costs 24) Which of the following represents an organizational perspective o
f a balanced scorecard? a) Control b) Learning c) Management d) Governance

25) ITIL provides the detailed how to do it for: a) IT service management b) Pro
ject management c) Strategic planning d) IT security 26) Organizations should us
e CobiT as: a) A set of mandatory procedures b) A systems development life cycle
c) A basis to meet the specific needs of the business d) Provided without modif
ication 27) Which of the following is the most significant challenge in the mana
gement of IT? a) Maintaining currency of the infrastructure b) Mastering complex
ity of the IT environment c) Solving technical problems d) Choosing the best man
agement tools 28) Which of the following is a key benefit of IT Governance? a) A
bility to be an IT leader b) Increased IT investment c) Greater awareness of ava
ilable technical solutions d) Greater transparency over IT 29) Maturity Models h
elp organizations to: a) Measure performance against objectives b) Define proced
ures for specific controls c) Meet Critical Success Factors d) Define targets to
be achieved 30) Which domain of IT Governance delivers benefits at reasonable c
ost? a) Resource management b) Risk management c) Value delivery d) Performance
measurement 31) Which of the following is the best way to manage what constitute
s good service? a) Measure maturity of service-related processes b) Assess contr
ols in service delivery c) Create contractually defined service levels d) Perfor
m audits of service contracts 32) A primary advantage of adopting the CobiT Fram
ework is that it: a) Is compatible with other frameworks b) Focuses on operation
s c) Focuses on security d) Is based on accounting controls 33) Which of the fol
lowing is an IT resource identified in CobiT? a) Network b) Servers c) Applicati
ons d) Systems software 34) Which of the following is included as a component of
the CobiT mission? a) Produce an ISO standard b) Certify companies and products
c) Develop internationally accepted control objectives d) Provide consulting an
d implementation services 35) KPIs measure: a) Enabling factors b) Control Pract
ices c) IT Process d) Controls 36) CobiT contributes to the use of multiple stan
dards and best practices within organizations because it: a) Can be used as a sy
stems development life cycle b) Helps enhance accounting procedures c) Is positi
oned centrally at the general level d) Covers IT controls and business controls
37) Which of the following IT Processes includes a detailed control objective fo
r post implementation reviews? a) DS2 Manage third-party services b) AI6 Change
management c) Ml Monitor the process

d) PO 10 Manage projects 38) Which CobiT domain focuses on making sure changes c
annot be made without disrupting business activities? a) Plan and Organize b) Mo
nitor and Evaluate c) Deliver and Support d) Acquire and Implement 39) Which Cob
iT IT Resource can be defined as being hardware, operating systems, database man
agement systems, networking ad multimedia? a) Infrastructure b) Systems c) Techn
ology d) Software 40) A primary objective of CobiT Quickstart is to: a) Perform
a quick maturity assessment b) Perform audits quickly c) Gain benefits quickly d
) Focus on technical areas
RESPUESTAS 1. C 2. A 3. D 4. C 5. D 6. C 7. D 8. C 9. A 10. B 11. D 12. C 13. A
14. C 15. C 16. B 17. B 18. D 19. C 20. B 21. B 22. D 23. B 24. B 25. A 26. C 27
. A 28. D 29. D 30. C 31. C 32. A 33. C 34. C 35. C 36. C 37. D 38. D 39. A 40.
C

SIMULACIN 04 COBIT FOUNDATION 1) Which of the following is an IT resource identif

ied in CobiT? a) Network b) Systems software c) Servers d) Infrastructure 2) Whi
ch of the following is a benefit of strategic alignment? a) Meeting project dead
lines b) Maintaining skilled resources c) Producing high-quality software d) Opt
imizing the use of resources 3) A primary advantage of adopting the CobiT Framew
ork is that it: a) Focuses on security b) Focuses on operations c) Is based on a
ccounting controls d) Is compatible with other frameworks 4) What is the IT cont
rol model that is based on COSO? a) ISO 17799 b) COBIT c) ITIL d) CMM 5) Which o
f the following is an IT Governance concern of a trading partner? a) The IT oper
ation is cost effective and efficient b) System changes are not made without the
partners approval c) Confidential company information is not given to competito
rs d) The IT systems are based on the latest technology 6) Which the following i
s used to measure IT Processes for outcome? a) RACI Charts b) Maturity Models c)
Key Performance Indication d) Key Goal Indicator 7) Which of the following is t
he most significant challenge in the management of IT? a) Choosing the best mana
gement tools b) Ensuring regulatory compliance c) Solving technical problems d)
Maintaining currency of the infrastructure 8) Which of the following is a charac
teristic of a control framework? a) Mandatory limits b) Exception reports c) Aud
it trails d) Helps meet regulatory requirements 9) The Assurance Guide enable th
e auditor to: a) Help process owners decide what controls to fix b) Define contr
ols c) Set objectives and measures d) Assess maturity of processes 10) Which of
the following is the most likely problem caused by the complexity of IT? a) Adap
ting to rapid changes and new developments b) Failing to select the best IT solu
tion c) Managing user support requests d) Keeping projects on track and within b
udget 11) In PO10 an ongoing program to identify and institutionalize best pract
ices indicates which level of maturity? a) Level 2 - Repeatable b) Level 4 - Man
aged c) Level 5 - Optimized d) Level 3 - Defined 12) Key Goal Indicators (KGIs)
measure: a) The achievement of objectives b) How well the business uses IT c) Th
e effectiveness of users of IT services d) Process performance

13) COSO is an accepted framework for establishing: a) Management processes b) I

nternal controls c) Regulatory requirements d) IT controls 14) The Percent of ma
jor suppliers meeting clearly defined requirements and service levels is an exam
ple of a CobiT KGI? a) True b) False 15) KGIs are often referred to as lag indic
ators because they only are measured: a) As groups of goals b) One goal at a tim
e c) On a continuous basis d) After the fact 16) Which CobiT product provides th
e most up-to-date CobiT information? a) CobiT Framework b) CobiT Control Objecti
ves c) CobiT Online d) IT Governance Implementation Guide 17) ISO 17799 provides
the detailed how to do it for: a) Information security management b) Service de
livery c) Strategic planning d) Project management 18) Which of the following is
a component of the CobiT Framework? a) IT Procedures b) IT audit objectives c)
Information Criteria d) IT security objectives 19) How do COBITs Management Guide
lines help to keep the ship on course? a) Metrics and maturity models enable sco
recards and benchmarking to be used b) Control practices enable users to impleme
nt effective controls c) Control objectives enable key controls to be defined d)
Key activities enable important actions to be performed 20) Which CobiT domain
focuses on areas such as operations, security and continuity? a) Monitor and Eva
luate b) Plan and Organize c) Acquire and Implement d) Deliver and Support 21) C
OBIT ensures process orientation by: a) Defining the procedures that need to be
followed for all key IT processes. b) Providing an IT process model with interfa
ces to business processes. c) Defining the skills and resources required to oper
ate IT processes. d) Enabling responsibility for processes to be assigned. 22) W
hich of the following IT Processes is concerned with defining and collecting mon
itoring data? a) P04 Define the IT organization and relationships b) DS1 Define
and manage service levels c) ME1 Monitor and evaluate IT performance d) DS2 Mana
ge third-party services 23) The CobiT Framework states that to satisfy business
objectives, information needs to conform to certain information criteria, includ
ing? a) Continuity b) Security c) Delivery d) Compliance 24) Which CobiT IT Reso
urce can be defined as being hardware, operating systems, database management sy
stems, networking, multimedia and environment? a) Systems b) Technology c) Softw
are d) Infrastructure

25) In DS2 responsibilities for contract and vendor management are assigned indi
cates which level of maturity? a) Level 2 - Repeatable b) Level 3 - Defined c) L
evel 4 - Managed d) Level 1 - Initial 26) To satisfy business objectives, inform
ation needs to conform to certain criteria, which CobiT refers as: a) Control Pr
actices b) Control Objectives c) Information Criteria d) Key Goal Indicators 27)
Which of the following is a Component of the management guidelines? a) Process
descriptions b) Information attributes c) Key goal and performance indicators d)
Assurance levels 28) The use of CobiT Quickstart is most valuable to: a) Contro
l specialists requiring an easy-to-apply checklist b) Boards of directors wantin
g to get a quick overview of CobiT c) Organizations wanting to focus initially o
n the important elements of CobiT d) Audit managers needing to quickly devise an
IT audit approach 29) Which of the following IT Processes addresses delivering
in agreed timeframes, budgets and quality? a) DS2 Manage third-party services b)
PO10 Manage projects c) DS8 Manage service desk and incidents d) PO1 Define a s
trategic IT plan 30) A risk management method is risk: a) Acceptance b) Adjustme
nt c) Taking d) Measurement 31) The relationship owners must liaise on customer
and supplier issues and ensure the quality of the relationship based on trust an
d transparency is an example of a: a) Key Activity b) Control Practice c) KGI d)
Control Objective 32) Which of the following is a key benefit of IT Governance?
a) Greater transparency over IT b) Ability to be an IT leader c) Greater awaren
ess of technical solutions d) Increased IT investment 33) Which level of maturit
y in the CobiT IT processes is usually associated with best practices? a) Level
5 - Optimized b) Level 3 - Defined c) Level 2 - Repeatable d) Level 4 Managed 34
) Where within CobiT will a user find help in setting measurable objectives? a)
Control Objectives b) Framework c) IT Governance Implementation Guide d) Managem
ent Guidelines 35) Which of the following is a security requirement within the C
obiT Information Criteria? a) Effectiveness b) Confidentiality c) Quality d) Del
iverY 36) Which of the following represents an organizational perspective of a b
alanced scorecard? a) Control b) Management c) Process d) Governance

37) Through which of the following CobiT Online facilities does ISACA raise its
awareness of CobiT users experiences and issues? a) Surveys b) Benchmarking c) F
eedback d) Help 38) Which of the following is included as a component part of th
e CobiT mission? a) Provide consulting and implementation services b) Produce an
ISO standard c) Develop internationally accepted control objectives d) Certify
companies and products 39) The measure of significant incidents of supplier noncompliance per time period is an example of a: a) KPI b) KGI c) CSF d) CMM 40) W
hat does the CobiT Framework focus on? a) Adequate governance, management and co
ntrol of IT b) Required control procedures c) A guide for the business in how to
use IT services d) A checklist for auditors
RESPUESTAS 1. D 2. D 3. D 4. B 5. B 6. D 7. D 8. D 9. A 10. A 11. C 12. A 13. B
14. A 15. D 16. C 17. A 18. C 19. A 20. D 21. D 22. C 23. D 24. D 25. C 26. C 27
. C 28. C 29. B 30. A 31. D 32. A 33. A 34. D 35. B 36. C 37. A 38. C 39. A 40.
A

SIMULACIN 05 COBIT FOUNDATION 1) Resource needs and roles and responsibilities, a

s well as escalation and decision making authorities, are identified for the pro
ject is an example of a: a) Key Activity b) Control Practice c) Control Objectiv
e d) KGI 2) Which component of CobiT will help answer the question: Am I meeting
goals? a) Control Objectives b) IT Governance Implementation Guide c) Framework
d) Management Guidelines 3) Which of the following is the best way for an organ
ization to ensure third party regulatory compliance? a) Ensuring compliance requ
irements are included in legal and contractual agreements with service providers
and trading partners b) Asking the third parties compliance function to review
all regulatory matters c) Performing due diligence reviews of the third parties
control environment d) Discussing with regulators any problems in the past with
the third party 4) A risk management method is risk: a) Adjustment b) Taking c)
Acceptance d) Measurement 5) What is a detailed control objective? a) The minimu
m controls required b) The minimum maturity required c) The degree of security r
equired d) A description of a process activities 6) Which of the following is an
IT resource identified in CobiT? a) Network b) People c) Systems software d) Se
rvers 7) Which CobiT domain focuses on strategy, tactics and the planned vision?
a) Monitor and Evaluate b) Plan and Organise c) Deliver and Support d) Acquire
and Implement 8) Which of the following IT Processes is concerned with defining
and collecting monitoring data? a) DS2 Manage third-party services b) ME 1 Monit
or and evaluate IT performance c) DS 1 Define and manage service levels d) P04 D
efine the IT organization and relationships 9) The standards and best practices
an organization adopts should be determined by the: a) Chief executive officer b
) Organizations operating environment c) Organization HR department d) Architect
ure groups policies 10) A primary advantage of adopting the CobiT framework is t
hat it: a) Focuses on security b) Focuses on operations c) Is compatible with ot
her frameworks d) Is based on accounting controls 11) Which domain of IT Governa
nce deals with making sure there is an optimal capability to deliver the IT stra
tegy? a) Strategic alignment b) Resource management c) Risk management d) Value
delivery 12) Which level of maturity in the CobiT processes is usually associate
d with best practices? a) Level 3 - Defined b) Level 4 - Managed c) Level 2 - Re
peatable d) Level 5 - Optimized

13) Which of the following is the best way to make performance measurement succe
ssful? a) Insist that all staff members measure their personal performance b) Re
port on performance failures and successes and publish openly c) Establish metri
cs that have been defined and approved by stakeholders d) Set targets that stret
ch performance in key aspects of IT service delivery 14) Utilizing the CobiT Fra
mework will help an organization to: a) Be more aware of technological developme
nts and approaches b) Develop systems quicker and at lower costs. c) Better alig
n IT with the business d) Hire more qualified and better skilled IT staff 15) Wh
ich of the following can be benchmarked in Cobit Online? a) Importance of a proc
ess b) Relevance of IT Resource c) Significance of Information Criteria d) Use o
f Control Practices 16) Which of the following is a characteristic of a control
framework? a) Exception reports b) Helps meet regulatory requirements c) Audit t
rails d) Mandatory limits 17) CMM is a methodology used to develop and refine an
organizations: a) Strategic planning b) IT service delivery execution c) Softwa
re development process d) Business continuity and security planning 18) In PO10
project milestones and criteria for evaluating success indicates which level of
maturity? a) Level 4 - managed b) Level 3 - defined c) Level 2 - Repeatable d) L
evel 1 - Initial 19) Which CobiT IT Resource can be defined as being hardware, o
perating systems, database management systems, networking, multimedia and enviro
nment? a) Software b) Technology c) Systems d) Infrastructure 20) A primary obje
ctive of CobiT Quickstart is to: a) Gain benefits quickly b) Perform audits quic
kly c) Perform a quick maturity assessment d) Focus on technical areas 21) The P
ercent of major suppliers meeting clearly defined requirements and service level
s is an example of a CobiT KGI? a) False b) True 22) Which of the following is a
key benefits of IT Governance? a) Ability to be an IT leader b) Increased IT in
vestment c) Greater transparency over IT d) Greater awareness of technical solut
ions 23) What does the CobiT Framework focus on? a) A guide for the business in
how to use IT services b) A checklist for auditors c) Adequate governance, manag
ement and control of IT d) Required control procedures 24) Which of the followin
g is the most likely problem encountered when trying to align IT with the busine
ss? a) Developed too quickly b) Inability to set priorities c) Inadequate proble
m management practices d) Use of an external IT consultant for project managemen
t

25) Which of the following is used to define roles? a) Key Performance Indicator
s b) RACI Charts c) Information Criteria d) Maturity Models 26) The CobiT Framew
ork states that to satisfy business objectives, information needs to confirm to
certain information criteria, including? a) Integrity b) Delivery c) Continuity
d) Security 27) The Assurance Guide enable the auditor to: a) Set objectives and
measures b) Assess maturity of processes c) Helps process owners decide what co
ntrols to fix d) Define controls 28) Which of the following is a security requir
ement within the CobiT Information Criteria? a) Confidentiality b) Effectiveness
c) Quality d) Delivery 29) The CobiT Online Benchmarking facility can be used b
y: a) Browsing and completing maturity assessments b) Participating in surveys c
) Inputting user scores on a range of CobiT components d) Downloading selected C
obiT content and doing maturity assessments 30) Which of the following is includ
ed as a component part of the CobiT mission? a) Provide consulting and implement
ation services b) Produce an ISO standard c) Certify companies and products d) D
evelop internationally accepted control objectives 31) The Management Guidelines
provide tools to set measurable objectives for each: a) Information Criteria an
d measure and compare its current capability in each process b) Process and meas
ure and compare its current capability in each process c) Resource and measure a
nd compare its current capability in each process d) Domain and measure and comp
are its current capability in each process 32) How do CobiTs Management Guidelin
es help to keep the ship on course? a) Key activities enable important actions t
o be performed b) Metrics and maturity models enable scorecards and benchmarking
to be used c) Control practices enable users to implement effective controls d)
Control objectives enable key controls to be defined 33) CobiT Maturity Models
provide a framework to identify: a) Information Criteria and an ongoing basis to
measure controls b) Metrics and an ongoing basis to measure goals c) Controls a
nd an ongoing basis to measure Control Practices d) Improvement targets and an o
ngoing basis to measure status and progress 34) Which of the following is used t
o implement Control Objectives? a) IT processes b) Maturity Models c) Control Pr
actices d) Activities 35) To satisfy business objectives, information needs to c
onform to certain criteria, which CobiT refers as: a) Key Goal Indicators b) Con
trol Objectives c) Information Criteria d) Control Practices 36) Which of the fo
llowing phrases best describe Value Delivery? a) Using systems out of the box to
save costs b) Delivering under budget c) Delivering on promised benefits at a r
easonable cost d) Promising the lowest price

37) ISO 17799 provides the detailed how to do it for: a) Service delivery b) Str
ategic planning c) Information security management d) Project management 38) Whi
ch of the following is a component of the management guidelines? a) Information
attributes b) Control objectives c) Process and activity goals d) Assurance leve
ls 39) IT costs are usually perceived to be out of control because most organiza
tions: a) have weak controls over the purchasing process b) experience an annual
increase in operating budgets as a result of complex licensing, maintenance and
outsourcing contracts c) fail to identify cost-effective IT solutions d) undere
stimate the cost of technology 40) In DS2 a signed pro-forma contract is used wi
th standard vendor terms and conditions and description or services to be provid
e indicates which level of maturity? a) Level 2 - Repeatable b) Level 1 - Initia
l c) Level 3 - Defined d) Level 4 Managed
RESPUESTAS 1. B 2. D 3. C 4. C 5. A 6. B 7. B 8. B 9. A 10. C 11. B 12. D 13. C
14. C 15. A 16. B 17. C 18. A 19. D 20. A 21. B 22. C 23. C 24. B 25. B 26. A 27
. C 28. A 29. C 30. D 31. B 32. B 33. D 34. C 35. C 36. C 37. C 38. C 39. C 40.
A

SIMULACIN 06 COBIT FOUNDATION 1) Which domain of IT Governance delivers benefits

at reasonable cost? a) Resource management b) Performance measurement c) Value d
elivery d) Risk management 2) Which of the following is a component of the COBIT
Framework? a) Procedures b) Business Requirements/Information Criteria c) Secur
ity Objectives d) Audit Objectives 3) COBIT Security Baseline is cross-reference
d to: a) ITIL b) ISO 17799 c) COSO d) CMM 4) COBIT Maturity Models enable a proc
ess owner to benchmark the: a) Relative maturity of the current process and set
targets for improvement b) Controls of the current process and set targets for C
ontrol Practices c) Responsibilities of the current process and set targets for
accountability d) Metrics of the current process and set targets for goal indica
tors 5) Which level of maturity in the COBIT IT processes is usually associated
with a process being monitored? a) Level 1- Initial b) Level 3 - Defined c) Leve
l 2 - Repeatable d) Level 4 Managed 6) How does Cobit help management and audito
rs? a) Management now understand what auditing is all about b) Audit requirement
s are properly understood and defined c) Audit findings are now expressed in Cob
iTs terms d) Audit findings will be reduced using CobiT 7) Which of the followin
g is a benefit of strategic alignment? a) Maintaining skilled resources b) Produ
cing high-quality software c) Meeting project deadlines d) Optimal use of resour
ces 8) The Information Criteria concerned with the provision of appropriate info
rmation for management to operate the entity and exercise its financial and comp
liance reporting responsibilities is: a) Compliance b) Reliability c) Confidenti
ality d) Integrity 9) The COBIT mission is to research/ develop, publicize and p
romote an authoritative up-to-date, international set of generally accepted a)
Information technology audit objectives for day-to-day use by business managers
and auditors. b) Business control objectives for day-to-day use by business mana
gers and auditors c) Information technology control procedures for day-to-day us
e by business managers and auditors. d) Information technology control objective
s for day-to-day use by business managers and auditors. 10) Which COBIT product
provides the most up-to-date COBIT information? a) IT Governance Implementation
Guide b) COBIT Framework c) COBIT Control Objectives d) COBIT Online 11) Organiz
ations should use COBIT as: a) Provided without modification b) A set of mandato
ry procedures c) A systems development life cycle d) A basis to meet the specifi
c needs of the business 12) How do the Assurance Guide help internal and externa
l auditors? a) Create maturity models. b) Create metrics. c) Design processes an
d controls, d) Assess the performance of the organization,

13) Which of the following is the best way to manage what constitutes good servi
ce? a) Assess controls in service delivery, b) Create contractually defined serv
ice levels, c) Perform audits of service contracts. d) Measure maturity of servi
ce-related processes, 14) Which of the following is a key feature of resource op
timization? a) Choosing a number of key product suppliers b) Utilizing equipment
as much as possible c) Ensuring that sufficient capability exists for businesscritical activities d) Making sure the lowest cost manpower has been obtained 15
) The measure of frequency of service level reports is an example of a: a) CMM b
) KGI c) CSF d) KPI 16) Which of the following is a characteristic of a control
framework? a) Audit trails b) Exception reports c) Business focus d) Mandatory l
imits 17) Which of the following is the most significant challenge in the manage
ment of IT? a) Maintaining adequate security b) Maintaining currency of the infr
astructure c) Solving technical problems d) Choosing the best management tools 1
8) Which of the following is a key benefit of IT Governance? a) Increased IT inv
estment b) Greater awareness of available technical solutions c) Ability to be a
n IT leader d) Greater transparency over IT 19) What is the IT control model tha
t is based on COSO? a) ISO 17799 b) ITIL c) COBIT d) CMM 20) ITIL provides the d
etailed how to do it for: a) IT security b) IT service management c) Strategic p
lanning d) Project management 21) Which of the following is an IT resource ident
ified in COBIT? a) Applications b) Network c) Servers d) Systems software 22) CO
BIT contributes to the use of multiple standards and best practices within organ
izations because it: a) Helps enhance accounting procedures b) Covers IT control
s and business controls c) Is positioned centrally at the general level d) Can b
e used as a systems development life cycle 23) Which of the following is a secur
ity requirement within the COBIT Information Criteria? a) Delivery b) Effectiven
ess c) Confidentiality d) Quality 24) A primary advantage of adopting the COBIT
Framework is that it: a) Focuses on operations b) Is based on accounting control
s c) Is compatible with other frameworks d) Focuses on security 25) The best way
for organizations to ensure adequate security of their IT environment is by: a)
Increasing the awareness of management and users of their responsibilities and
possible risks b) Investing in the latest access control software solutions and
focusing on protecting the network c) Physically protecting vulnerable computer
equipment and storing them in locked rooms d) Focusing on an expert group and em
ploying skilled security experts and advisors

26) Through which of the following COBIT Online facilities does ISACA raise its
awareness of COBIT users experiences and issues? a) Help b) Benchmarking c) Feed
back d) Survey 27) Which of the following IT Processes includes a detailed contr
ol objective for post implementation reviews? a) PO10 Manage project b) M1 Monit
or the process c) DS2 Manage third-party services d) AI6 Change management 28) A
method for managing risks is risk: a) Adjustment b) Taking c) Measurement d) Ac
ceptance 29) Maturity Models help organizations to: a) Define procedures for spe
cific controls b) Measure performance against objectives c) Define targets to be
achieved d) Meet Critical Success Factors 30) Which component of COBIT will hel
p answer the question: How do I determine whether we are doing the right things?
a) Management Guidelines b) Control Objectives c) IT Governance Implementation
Guide d) Framework 31) KPIs measure: a) Controls b) Enabling factors c) IT Proce
sses d) Control Practices 32) The percent of projects with post-project reviews
is an example of a COBIT KPI? a) False b) True 33) Which COBIT IT Resource can b
e defined as being hardware, operating systems, database management systems, net
working and multimedia? a) Systems b) Software c) Technology d) Infrastructure 3
4) Which of the following IT Processes addresses outsourcing contracts? a) AI3 A
cquire and maintain technology infrastructure b) PO1O Project management c) P04
Define the IT organization and relationships d) DS2 Manage third-party services
35) The COBIT Framework states that to satisfy business objectives, information
needs to conform to certain information criteria, including: a) Efficiency b) Se
curity c) Delivery d) Continuity 36) The generic maturity model approach and met
hod of scoring from nonexistent to optimized (from O to 5) within COBIT is desig
ned to help organizations understand their: a) Controls b) Capabilities c) Metri
cs d) Domains 37) COBIT aids in the management of IT activities by: a) identifyi
ng the control objectives for each activity. b) organizing IT activities into we
ll-defined processes. c) defining the steps in each activity. d) establishing th
e maturity levels for each activity.

38) Which of the following represents an organizational perspective of a balance

d scorecard? a) Management b) Control c) Learning d) Governance 39) Which of the
following is included as a component of the COBIT mission? a) Develop internati
onally accepted control objectives. b) Provide consulting and implementation ser
vices. c) Certify companies and products. d) Produce an ISO standard 40) Which C
OBIT product provides a select and summarized version of COBIT? a) COBIT Quick s
tart b) Management Guidelines c) IT Governance Implementation Guide d) Control O
bjectives
RESPUESTAS 1. C 2. B 3. B 4. A 5. D 6. B 7. D 8. B 9. D 10. D 11. D 12. D 13. B
14. C 15. D 16. C 17. B 18. D 19. C 20. B 21. A 22. C 23. C 24. C 25. A 26. D 27
. A 28. D 29. C 30. A 31. C 32. B 33. D 34. D 35. A 36. B 37. B 38. C 39. A 40.
A

SIMULACIN 07 COBIT FOUNDATION 1) Which domain of IT Governance delivers benefits

at reasonable cost? a) Resource management b) Performance measurement c) Value d
elivery. d) Risk management 2) Which of the following is a component of the COBI
T Framework? a) Procedures b) Business Requirements/Information Criteria. c) Sec
urity Objectives d) Audit Objectives 3) COBIT Security Baseline is cross-referen
ced to: a) ITIL b) ISO 17799. c) COSO d) CMM 4) COBIT Maturity Models enable a p
rocess owner to benchmark the: a) Relative maturity of current process and set t
argets for improvement. b) Controls of the current process and set targets for C
ontrol Practices c) Responsibilities of the current process and set targets for
accountability d) Metrics of the current process and set targets for goal indica
tors 5) Which level of maturity in the COBIT IT processes is usually associated
with a process being monitored? a) Level 1 Initial b) Level 3 Defined c) Level 2
Repeatable d) Level 4 Managed. 6) Where within COBIT will a user find resources
to help assess the capability of the IT Processes? a) Management Guidelines b)
IT Governance Implementation Guide c) Control Objectives d) Framework 7) Which o
f the following is a benefit of strategic alignment? a) Maintaining skilled reso
urces b) Producing high-quality software c) Meeting project deadlines d) Optimal
use of IT resources. 8) The Information Criteria concerned with the provision o
f appropriate information for management to operate the entity and exercise its
financial and compliance reporting responsibilities is: a) Compliance b) Reliabi
lity. c) Confidentiality d) Integrity 9) The COBIT Domains provide logical group
ings for: a) Maturity Models b) IT Resources c) Information Criteria d) IT Proce
sses. 10) Which COBIT product provides the most up-to-date COBIT information? a)
IT Governance Implementation Guide b) COBIT Framework c) COBIT Control Objectiv
es d) COBIT Online. 11) Organizations should use COBIT as: a) Provided without m
odification b) A set of mandatory procedures c) A systems development life cycle
d) A basis to meet the specific needs of the business. 12) How do the Audit Gui
delines help internal and external auditors? a) Create maturity models b) Create
metrics c) Design processes and controls d) Assess the performance of the organ
ization.

13 - Which of the following is the best way to manage what constitutes good serv
ice? a) Assess controls in service delivery b) Create contractually defined serv
ice levels. c) Perform audits of service contracts d) Measure maturity of servic
e-related processes 14) KPIs measure: a) Enabling factors b) IT Processes. c) Co
ntrol Practices d) Controls 15) The measure of frequency of service level report
s is an example of a: a) CMM b) KGI c) CSF d) KPI. 16) Which of the following is
a characteristic of a control framework? a) Audit trails b) Exception reports c
) Business focus. d) Mandatory limits 17) Which of the following is the most sig
nificant challenge in the management of IT? a) Maintaining adequate security b)
Maintaining currency of the infrastructure. c) Solving technical problems d) Cho
osing the best management tools 18) Which of the following is a key benefit of I
T Governance? a) Increased IT investment b) Greater awareness of available techn
ical solutions c) Ability to be an IT leader d) Greater transparency over IT. 19
) What is the IT control model that is based on COSO? a) ISO 17799 b) ITIL c) CO
BIT. d) CMM 20) ITIL provides the detailed how to do it for: a) IT security b) I
T service management. c) Strategic planning d) Project management 21) Which of t
he following is an IT resource identified in COBIT? a) Applications. b) Network
c) Servers d) Systems software 22) Which component of COBIT Online enables a use
r to perform an online search of COBIT content? a) Benchmarking b) Browsing. c)
Feedback d) Help 23) Which of the following is a security requirement within the
COBIT Information Criteria? a) Delivery b) Effectiveness c) Confidentiality. d)
Quality 24) A primary advantage of adopting the COBIT Framework is that IT: a)
Focuses on operations b) Is based on accounting controls. c) Is compatible with
other frameworks d) Focuses on security

25) The best way for organizations to ensure adequate security of their IT envir
onment is by: a) Increasing the awareness of management and users of their respo
nsibilities and possible risks. b) Investing in the latest access control softwa
re solutions and focusing on protecting the network c) Physically protecting vul
nerable computer equipment and storing them in locked rooms d) Focusing on an ex
pert group end employing skilled security experts and advisors 26) Through which
of the following COBIT Online facilities does ISACA raise its awareness of COBI
T users experiences and issues? a) Help b) Benchmarking. c) Feedback d) Survey 2
7) Which of the following IT Processes includes a KPI for post implementation re
views? a) PO10 Manage project. b) M1 Monitor the process c) DS2 Manage third-par
ty services d) AI6 Change management 28) A method for managing risks is risk: a)
Adjustment b) Taking c) Measurement. d) Acceptance 29) Maturity Models help org
anizations to: a) Define procedures for specific controls b) Measure performance
against objectives. c) Define targets to be achieved d) Meet Critical Success F
actors 30) Which component of COBIT will help answer the question: How do I dete
rmine whether we are doing the right things? a) Management Guidelines. b) Contro
l Objectives c) IT Governance Implementation Guide d) Framework 31) KPIs measure
: a) Controls b) Enabling factors c) IT Processes. d) Control Practices 32) The
percent of projects with post-project reviews is an example of a COBIT KPI? a) F
alse b) True. 33) Which COBIT IT Resource can be defined as being hardware, oper
ating systems, database management systems, networking and multimedia? a) System
s b) Software c) Technology d) Infrastructure. 34) Which of the following IT Pro
cesses addresses outsourcing contracts? a) AI3 Acquire and maintain technology i
nfrastructure b) PO10 Project management c) PO4 Define the IT organization and r
elationships d) DS2 Manage third-party services. 35) The COBIT Framework states
that to satisfy business objectives, information needs to conform to certain inf
ormation criteria, including: a) Efficiency. b) Security c) Delivery d) Continui
ty 36) The generic maturity model approach and method of scoring from nonexisten
t to optimize (from 0 to 5) within COBIT is designed to help organizations under
stand their: a) Controls b) Capabilities. c) Metrics d) Domains

37) Which of the following can be benchmarked in COBIT Online? a) Relevance of I

T Resources b) Use of Control Practices c) Significance of Information Criteria
d) Importance of a process 38) The Number of significant incidents of supplier n
on-compliance per time period is an example of a COBIT KPI? a) False b) True 39
- Which of the following is included as a component of the COBIT mission? a) Dev
elop internationally accepted control objectives. b) Provide consulting and impl
ementation services c) Certify companies and products d) Produce an ISO standard
40 - Which COBIT product provides a select and summarized version of COBIT? a)
COBIT Quick start. b) Management Guidelines c) IT Governance Implementation Guid
e d) Control Objectives
RESPUESTAS 1. C 2. B 3. B 4. A 5. D 6. A 7. D 8. B 9. D 10. D 11. D 12. D 13. B
14. B 15. D 16. C 17. B 18. D 19. C 20. B 21. A 22. B 23. C 24. C 25. A 26. D 27
. A 28. D 29. C 30. A 31. C 32. B 33. D 34. D 35. A 36. B 37. D 38. B 39. A 40.
A