Isaca COBIT COBIT-2019 Questions & Answers

• Question 181:

  Which of the following is a PRIMARY objective of reviewing the effectiveness of a new IT governance system that has been operational for 6 months?

  A. Obtaining executive management support for IT governance

  B. Identifying further governance requirements

  C. Evaluating business performance reports

  Correct Answer: A

• Question 182:

  When designing an IT governance system, the NEXT step after considering the enterprise's strategic business objectives is to assess:

  A. the enterprise's risk profile.

  B. the IT implementation method.

  C. the role of IT within the enterprise.

  Correct Answer: A

  Reference: https://community.mis.temple.edu/mis5203sec001sp2019/files/2019/01/COBIT-2019-Framework-Introduction-and-Methodology_res_eng_1118.pdf

• Question 183:

  An enterprise will often fail to realize implementation commitments during the execution of an EGIT implementation program plan if it:

  A. leverages existing mechanisms and ways of working.

  B. simplifies the implementation process.

  C. reduces projects into smaller executable pieces.

  D. focuses on enabling IT value over business value.

  Correct Answer: D

  According to ISACA COBIT 2019, an enterprise may fail to realize implementation commitments during the execution of an EGIT (Enterprise Governance of IT) implementation program plan if it focuses on enabling IT value over business value. The EGIT implementation program should prioritize delivering business value and outcomes, rather than simply enabling IT. By focusing on delivering business value, the organization can ensure that the implementation of the EGIT program is aligned with the overall strategy and objectives of the organization and that the program is able to deliver tangible benefits to the organization. Focusing solely on enabling IT value may result in the implementation of IT solutions that do not support the overall goals and objectives of the organization, leading to a failure to realize the desired outcomes and benefits of the program. An enterprise will often fail to realize implementation commitments during the execution of an EGIT implementation program plan if it focuses on enabling IT value over business value. The goal of an EGIT implementation program should be to effectively align IT with business objectives and enable the business to achieve its goals. An enterprise should always focus on business value rather than IT value, as this ensures that the IT implementation will provide the maximum value to the business.

  Reference: https://www.isaca.org/COBIT/Pages/COBIT-2019-Framework.aspx

• Question 184:

  Which of the following enterprise risk management concepts is MOST important to fully understand prior to finalizing the design of an IT governance system?

  A. The enterprise's risk tolerance

  B. The enterprise's risk profile

  C. The enterprise's risk appetite

  Correct Answer: B

• Question 185:

  Which of the following is a strategy archetype focused on increasing revenues?

  A. Innovation/differentiation

  B. Client service/stability

  C. Growth/acquisition

  D. Cost leadership

  Correct Answer: C

  The strategy archetype focused on increasing revenues is "Growth/Acquisition" as defined by COBIT 2019. This strategy archetype is characterized by expanding the enterprise's market share and revenue base through mergers and acquisitions, organic growth and business diversification. The focus is on growth, revenue and market share and the success of this archetype is measured by the enterprise's ability to achieve these objectives.

• Question 186:

  A governance or management objective always relates to:

  A. a group of related processes.

  B. a single related component.

  C. a single process.

  Correct Answer: C

  Reference: https://www.escoute.com/a-new-cobit-is-in-town-and-i-really-like-how-this-looks/

• Question 187:

  Which of the following metrics would BEST enable an enterprise to evaluate an alignment goal specifically related to security of information and privacy?

  A. Ratio and extent of erroneous business decisions in which erroneous IandT-related information was a key factor

  B. Number of critical business processes supported by up-to-date infrastructure and applications

  C. Number of confidentiality incidents causing financial loss, business disruption or public embarrassment.

  Correct Answer: C

  Reference: https://community.mis.temple.edu/mis5203sec001sp2019/files/2019/01/COBIT-2019-Framework-Introduction-and-Methodology_res_eng_1118.pdf (31)