Scribd Logo
Upload

Welcome to Scribd!

  • Manage IT Risks & Align with Business Goals Using COBIT Framework

    Uploaded by

    Carlos F. Núñez
    741 views16 pages
    The document contains questions and answers related to IT management frameworks like COBIT and COSO. Some key points covered are: - COBIT is a framework that focuses on what needs to be achieved to manage IT risks and improve governance, rather than how to implement controls. - COBIT addresses fiduciary requirements more broadly than COSO by expanding the scope to include all information, not just financial reporting. - Maturity models in COBIT help organizations evaluate the capability of their current IT processes. - COBIT Online allows benchmarking of process maturity levels.

    Original Description:

    Original Title

    Exam

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document contains questions and answers related to IT management frameworks like COBIT and COSO. Some key points covered are: - COBIT is a framework that focuses on what needs to be achieved to manage IT risks and improve governance, rather than how to implement controls. - COBIT addresses fiduciary requirements more broadly than COSO by expanding the scope to include all information, not just financial reporting. - Maturity models in COBIT help organizations evaluate the capability of their current IT processes. - COBIT Online allows benchmarking of process maturity levels.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    741 views16 pages

    Manage IT Risks & Align with Business Goals Using COBIT Framework

    Uploaded by

    Carlos F. Núñez
    The document contains questions and answers related to IT management frameworks like COBIT and COSO. Some key points covered are: - COBIT is a framework that focuses on what needs to be achieved to manage IT risks and improve governance, rather than how to implement controls. - COBIT addresses fiduciary requirements more broadly than COSO by expanding the scope to include all information, not just financial reporting. - Maturity models in COBIT help organizations evaluate the capability of their current IT processes. - COBIT Online allows benchmarking of process maturity levels.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 16

    1) Which of the following is the most significant concern in the management of IT?

    a) Making technology work correctly b) Keeping IT running c) Keeping up to date with the latest solutions d) Supporting developers with toolkits 1. B

    2) What is an essential attribute of successful performance management? a) Frequently achieved targets b) Setting achievable goals c) Threatening sanctions if targets are not met d) Metrics defined and approved by the stakeholders

    2. D

    3) Which of the following is a common reason why IT projects exceed budget expectations or deadlines? a) Cost of IT specialists b) Unavailability of the latest technology c) Underestimation of the effort required d) Lack of automation of development tools 3. C

    4) Which one of the following is a common problem encountered while trying to align IT

    and the business? a) Use of an external IT consultant for project management b) Communication gaps between the business and IT c) Inadequacy of problem management practices d) Rushing to develop too quickly 4. B

    5) Which of the following is a principle of IT Governance? a) Accountability b) Reliability c) Availability d) Probability 5. A

    6) Which of one of these is a strategic objective? a) Delivering on time and budget b) Zero faults c) Developing systems in house d) Devising strategies to achieve stated goals 6. D

    6) Which of the following is an objective of risk management? A) Increasing the budget for IT security B) Transparency about significant risks to the enterprise C) Awareness of the latest IT security tools D) Undertaking a detailed risk analysis 6) A

    7) Which of the following is a potential benefit of strategic alignment? a) Cost-effective administration and management b) Use of the latest technology c) Being first to market d) Delivery on time and within budget 7. A

    7) Which of the following is a potential benefit of strategic alignment? A) Optimal use of resources B) Use of the latest technology C) Being first to market D) Delivery on time and within budget

    7. A

    8) Which of the following is an important component of risk management? a) Taking no risks b) Canceling any initiative that is risky c) Understanding the appetite for risks d) Using old tried and testes systems 8. C

    9) Which of the following represents an organizational perspective of a balanced scorecard? a) A dashboard b) A metric c) A bonus scheme d) A customer

    9. D

    10) Which of the following is a characteristic of a control framework? a) Strict rules b) Penalty for noncompliance c) Process orientation d) Measurement system 10. C

    11) Which of the following is a key benefit of IT Governance? a) Lower IT costs b) Responsiveness of IT c) Greater use of technology d) Increased budget for IT projects 11. B

    12) Which of the following is the best way to use COBIT? a) To improve all IT process b) As a mandatory standard c) As a guide for the business to maximize the benefits of IT d) To help prioritize which IT process to focus on 12. D

    13) How does the COBIT Framework help an organization implement IT Governance? a) It contains ready-made work programs b) It provides policies and standards that can be mandated c) It provides good practice and guidance d) It has controls that can be implemented as they are

    13. C

    14) Which of the following is a component of the COBIT Framework? a) Policies b) Audit Programs c) Implementation Guidance d) IT Resources

    14. D

    15) What is a Control Objective? a) A metric to be achieved by implementing control procedures in a particular activity b) A level of maturity to be achieved by implementing control procedures in a particular activity c) A statement of the desired result on purpose to be achieved by implementing control procedures in a particular activity d) A critical success factor to be achieved by implementing control procedures in a particular activity 15. C

    16) What tool within COBIT helps the business and IT understand the business requirements for information? a) Information Criteria b) Critical Success Factor

    c) Control Objective d) Maturity Model

    16. A

    17) KPIs measure performance of: a) Control Practices b) Objectives c) Controls d) IT Processes

    17. D

    17) Which of the following is a fiduciary requirement within COBIT information criteria? A) Security B) Integrity C) Availability D) Compliance

    18) Which of the following is a COBIT security requirement? a) Compliance b) Availability c) Reliability

    d) Efficiency

    18. B

    19) Which of the following is a COBIT Information Criteria? a) Fiduciary b) Quality c) Effectiveness d) Security 19. C

    20) What do Key Goal Indicators (KGIs) measure? a) Maturity levels b) Process performance c) Degree of control d) The achievement of an objective 20. D

    20) What do outcome measures indicate? A) Maturity levels B) Process performance C) Degree of control D) The achievement of an objective

    21) Which of the following is a COBIT IT Resource? a) Database b) Infrastructure c) Operating System d) Contractor 21. B

    22) Which COBIT IT Resource can be defined as the automated user systems and manual procedures that process information? a) Applications b) Process c) Systems d) Technology 22. A

    23) Which of the following is a key feature of resource optimization? a) Hiring low cost manpower b) Retaining hardware to minimize replacement costs c) Buying only proven products d) Optimizing costs

    23. D

    24) Maturity Models help organizations to: a) Meet goals and objectives b) Evaluate controls c) Determine the capability of the current process d) Define performance measures 24. C

    25) How can COBIT be used along with other international best practices and standards, such as ITIL and ISO 17799? a) To integrate the deployment of the required standards b) As an implementation method c) To validate the appropriateness of the other standard d) As another view of the same area to support an approach

    25. A

    26) Which framework is increasingly accepted as the standard response for generally assessing IT controls? a) ITIL b) COBIT c) ISO 17799 d) CMM

    26. B

    27) Which of the following is a key benefit of IT Governance? a) Greater awareness of technical solutions b) Ability to be an IT leader c) Confidence of top management in IT d) Increased IT investment 27. C

    27) Which IT process within COBIT should ensure the timely definition of operational requirements? A) AI1: Identify automated solutions B) PO1: Define a strategic IT plan C) DS2: Manage third-party services D) AI4: Enable operation and use

    27. D

    28) Which part of the COBIT toolset will help the business and IT understand how to measure results? a) Management Guidelines b) Framework c) Control Objectives d) IT Governance Implementation Guide

    28. A

    29) Key Performance Indicators are factors that: a) Identify key controls b) Identify key process c) Positively influence the process outcome d) Focus on control practices

    29. C

    30) Which level of maturity in the COBIT processes is usually associated with a process being "standardized, documented and communicated?" a) Level 3 - defined b) Level 2 - repeatable c) Level 4 - managed d) Level 1 - initial

    30. A

    31) COBIT Security Baseline is a(n): a) Specialists guide to security b) Nontechnical security guide and reference to security-related objectives c) Security audit program for auditors

    d) Implementation road map for security professionals 31. B

    31) Which of the following is a stage in the COBIT assurance guide roadmap? A) Evaluation B) Maturity modeling C) Testing D) Planning

    31. D

    32) COBIT's definition of fiduciary requirements differ from that of COSO in that COBIT expands the scope to include: a) Security b) All information c) Operations d) Systems development

    32. B

    33) COBIT is a framework that focuses on: a) How to do it rather than what needs to be achieved b) What needs to be achieved rather than how to do it c) What needs to be organized rather than what needs to achieved d) hat needs to be implemented rather than how measure it

    33. B

    34) The COBIT Framework treats information as the result of the combined application of IT Resources that are managed by: a) Information Criteria b) Control Objectives c) IT Process d) Metrics

    34. C

    35) The COSO Framework is a framework to help organizations establish and determine: a) Accounting standards b) Auditing standards c) Investment decisions d) The effectiveness of the internal controls

    35. D

    36) Which of the following COBIT IT Processes addresses the need for "program and

    project risk assessment"? a) PO1 - Define a strategic IT Plan b) PO8 - Manage quality c) PO9 - Assess and manage IT risks d) PO10 - Manage projects 36. D

    37) Which COBIT resource provides benchmarking capabilities? a) COBIT Quickstart b) COBIT Security Baseline c) IT Governance Implementation Guide d) COBIT Online

    37. D

    38) The percentage of projects completed on time and on budget is a COBIT KGI? a) True b) False

    38. A

    39) Which of the following aspects of COBIT can be benchmarked in COBIT Online?

    a) Use of IT Resources b) Use of Information Criteria c) Process Maturity Levels d) Use of Domains 39. C

    40) COBIT QuickStart is most useful for: a) Senior management b) Small and medium sized enterprises (SMEs) c) Auditors d) Control Specialists 40. B

    You might also like