Isaca COBIT-2019 Online Practice Questions and Exam Preparation

Isaca COBIT-2019 Online Questions & Answers

• Question 121:

  Which of the following is a KEY consideration when determining the initial scope of a governance system?

  A. Compliance requirements faced by the enterprise
  B. Current landT-related issues of the enterprise
  C. The role of IT within the enterprise
  D. The size of the enterprise
  A. Compliance requirements faced by the enterprise

  ---

  Explanation/Reference:

  According to Isaca COBIT 2019, a key consideration when determining the initial scope of a governance system is the compliance requirements faced by the enterprise. This includes laws, regulations and other requirements which the enterprise must comply with. Additionally, it is important to consider the current IT-related issues of the enterprise and the role of IT within the enterprise, as well as the size of the enterprise.

• Question 122:

  Which of the following enterprise risk management concepts is MOST important to fully understand prior to finalizing the design of an IT governance system?

  A. The enterprise's risk tolerance
  B. The enterprise's risk profile
  C. The enterprise's risk appetite
  A. The enterprise's risk tolerance

  ---

  Explanation/Reference:

• Question 123:

  Which of the following is a KEY principle of an enterprise governance system?

  A. It should focus on all technology and information processing, regardless of where processing takes place.
  B. It should focus only on technology and information processing that takes place within the IT function.
  C. It should focus only on technology and information processing that takes place in cost centers
  A. It should focus on all technology and information processing, regardless of where processing takes place.

  ---

  Explanation/Reference:

  A governance system should cover the enterprise end to end, focusing not only on the IT function but on all technology and information processing the enterprise puts in place to achieve its goals, regardless where the processing is located in the enterprise.

  Reference: https://www.futurelearn.com/info/courses/security-operations/0/steps/89307

• Question 124:

  Which of the following COBIT components includes a list of artifacts with links to relevant governance and management practices?

  A. Information flow and items
  B. Organizational structures
  C. Policies and procedures
  A. Information flow and items

  ---

  Explanation/Reference:

  Reference: https://www.businessbeam.com/blog/cobit-2019/

• Question 125:

  The enterprise goal of compliance with external laws and regulations is aligned to which balanced scorecard (BSC) dimension?

  A. Financial
  B. Growth
  C. Internal
  A. Financial

  ---

  Explanation/Reference:

  Balanced Scorecard or BSC (read as B-S-C) dimensions. The BSC dimensions are: Financial Reference: https://www.simplilearn.com/overview-of-cobit-5-principle-1-tutorial-video

• Question 126:

  An enterprise plans to outsource all of its noncore IT operations but wants to ensure the proper level of governance, risk and compliance (GRC) controls. Which of the following governance and management objectives would provide the MOST relevant management practices for the enterprise?

  A. AP012 Managed Risk
  B. APO10 Managed Vendors
  C. AP013 Managed Security
  D. APO09 Managed Service Agreements
  D. APO09 Managed Service Agreements

  ---

  Explanation/Reference:

  According to the ISACA COBIT 2019 Framework, the objective APO09 Managed Service Agreements provides the most relevant management practices for an enterprise that plans to outsource all its non-core IT operations but wants to ensure the proper level of governance, risk, and compliance (GRC) controls. This is specified in Domain 4, Objective 4.5: "Manage the acquisition and maintenance of IT-related assets". The APO09 objective provides guidance on how to manage service agreements with vendors, including the proper management of risks and compliance with related regulations and standards. Additionally, APO09 provides guidance on the proper selection and management of service

  providers, and how to ensure that the service agreements are properly monitored and evaluated to ensure the expected quality of service.

• Question 127:

  Which of the following is a component of the governance system that provides an enterprise with the tools and systems for IandT processing?

  A. Principles, policies and frameworks
  B. Information
  C. Services, infrastructure and applications
  C. Services, infrastructure and applications

  ---

  Explanation/Reference:

• Question 128:

  Who is accountable for monitoring the performance of the execution of an EGIT implementation program plan against success metrics and adjusting long-term targets when necessary?

  A. Board of directors
  B. IT process owners
  C. IT audit department
  D. CIO
  A. Board of directors

  ---

  Explanation/Reference:

  According to the ISACA COBIT 2019 Framework, the Board of Directors is responsible for monitoring the performance of the execution of an EGIT implementation program plan against success metrics and adjusting long-term targets when necessary. This is specified in Domain 4, Objective 4.1: "Establish and govern the enterprise governance of IT (EGIT)". The Board of Directors is responsible for ensuring that the EGIT implementation program plan is executed according to the organization's objectives and in alignment with the enterprise strategy. Additionally, the Board of Directors is responsible for monitoring the EGIT program's progress and making adjustments when necessary.

• Question 129:

  Which of the following is an enterprise goal according to COBIT?

  A. Managed IT-related risks
  B. IT compliance with internal policies C. Business service continuity and availability
  C

• Question 130:

  In the implementation model, when is IT governance implementation risk BEST managed?

  A. Throughout the life cycle
  B. During the planning phase
  C. Just prior to operationalization
  A. Throughout the life cycle