COBIT Flashcards
(100 cards)
1
Q
- What is the primary objective of COBIT 5? A. Improve software speed B. Control marketing C. Govern and manage enterprise IT D. Promote outsourcing
A
C. Govern and manage enterprise IT
2
Q
- Which organization developed COBIT 5? A. ITIL B. ISO C. ISACA D. IEEE
A
C. ISACA
3
Q
- How many key principles form the basis of COBIT 5? A. 3 B. 4 C. 5 D. 6
A
C. 5
4
Q
- Principle 1 of COBIT 5 is: A. Managing Projects B. Meeting Stakeholder Needs C. Reducing Costs D. Enhancing Security
A
B. Meeting Stakeholder Needs
5
Q
- The COBIT 5 Goals Cascade translates stakeholder needs into: A. Financial goals B. Business rules C. IT-related and enabler goals D. Compliance reports
A
C. IT-related and enabler goals
6
Q
- Which principle focuses on integration of IT into enterprise-wide governance? A. Holistic approach B. Covering the Enterprise End-to-end C. Risk Management D. Assurance
A
B. Covering the Enterprise End-to-end
7
Q
- Principle 3 promotes: A. Manual systems B. Single integrated framework C. Isolated silos D. Cost reduction only
A
B. Single integrated framework
8
Q
- COBIT 5 considers information as: A. Output only B. An enabler C. Backup data D. HR data
A
B. An enabler
9
Q
- Which enabler is concerned with values, beliefs, and behaviors? A. Processes B. Structures C. Culture, Ethics and Behaviour D. Infrastructure
A
C. Culture, Ethics and Behaviour
10
Q
- COBIT 5 distinguishes between: A. Security and Compliance B. Governance and Management C. Input and Output D. Servers and Applications
A
B. Governance and Management
11
Q
- Governance is typically the responsibility of: A. CEO B. IT Manager C. Board of Directors D. CIO
A
C. Board of Directors
12
Q
- Management’s primary responsibility is to: A. Evaluate risks B. Plan, build, run, and monitor C. Set regulations D. Own audit results
A
B. Plan, build, run, and monitor
13
Q
- COBIT 5’s holistic approach includes how many categories of enablers? A. 5 B. 6 C. 7 D. 8
A
C. 7
14
Q
- COBIT 5 defines value creation through: A. Business continuity B. IT project implementation C. Benefit realization, risk optimization, and resource optimization D. Compliance checks
A
C. Benefit realization, risk optimization, and resource optimization
15
Q
- The Goals Cascade starts from: A. Enterprise Policies B. IT Strategies C. Stakeholder Drivers D. Audit Findings
A
C. Stakeholder Drivers
16
Q
- COBIT 5 aligns with external frameworks like: A. Only ISO B. ITIL, TOGAF, PRINCE2, ISO C. PMP only D. CISA guidelines
A
B. ITIL, TOGAF, PRINCE2, ISO
17
Q
- One benefit of the COBIT 5 Goals Cascade is: A. Standardized budgeting B. Automates software development C. Identifies and aligns relevant enablers D. Avoids project delays
A
C. Identifies and aligns relevant enablers
18
Q
- In COBIT 5, “Processes” as enablers refer to: A. Organizational mission B. External communication C. Set of activities producing outputs D. HR records
A
C. Set of activities producing outputs
19
Q
- The Enabler “People, Skills, and Competencies” is essential for: A. Legal compliance B. Project budgeting C. Successful execution of governance activities D. Outsourcing evaluation
A
C. Successful execution of governance activities
20
Q
- Which COBIT 5 enabler is considered the key decision-making entity? A. Processes B. Organizational Structures C. Applications D. Stakeholders
A
B. Organizational Structures
21
Q
- IT-related goals in COBIT 5 support: A. User satisfaction B. Vendor performance C. Achievement of enterprise goals D. Audit outcomes
A
C. Achievement of enterprise goals
22
Q
- COBIT 5 applies to: A. Only large enterprises B. Only IT companies C. All sizes and types of enterprises D. Only government institutions
A
C. All sizes and types of enterprises
23
Q
- COBIT 5 aligns stakeholder needs with: A. Investment portfolios B. IT governance policies C. Enabler goals via goals cascade D. Communication audits
A
C. Enabler goals via goals cascade
24
Q
- An enterprise should customize the goals cascade based on: A. Global benchmarks B. Vendor input C. Its own context D. Historical financial data
A
C. Its own context
25
25. The governance objective in COBIT 5 can be summarized as: A. Risk elimination B. Resource budgeting C. Value creation D. Data replication
C. Value creation
26
26. What are the three governance objectives in COBIT 5? A. Compliance, Transparency, Innovation B. Risk Reduction, Compliance, ROI C. Benefits Realisation, Risk Optimisation, Resource Optimisation D. Agility, Cost-cutting, User Satisfaction
C. Benefits Realisation, Risk Optimisation, Resource Optimisation
27
27. COBIT 5 replaces previous ISACA frameworks including: A. COSO B. Val IT and Risk IT C. TOGAF D. ISO 27001
B. Val IT and Risk IT
28
28. In COBIT 5, enablers must be: A. Optional B. Industry-specific C. Interconnected D. Outsourced
C. Interconnected
29
29. Which enabler addresses decision rights and accountability? A. People B. Organizational Structures C. Processes D. Information
B. Organizational Structures
30
30. COBIT 5 views IT and business goals as: A. Unrelated B. Independent C. Aligned D. Competitive
C. Aligned
31
31. Who is primarily accountable for COBIT governance in an enterprise? A. CIO B. IT Manager C. Board of Directors D. Project Managers
C. Board of Directors
32
32. In COBIT 5, information must be managed as: A. Public data B. An asset C. Historical reference D. Static content
B. An asset
33
33. What is the main use of the goals cascade? A. Define HR policy B. Customize business rules C. Translate stakeholder needs to actionable goals D. Align budgets
C. Translate stakeholder needs to actionable goals
34
34. COBIT 5 recommends building a tailored version of the goals cascade based on: A. Audit findings B. User feedback C. Enterprise context D. Staff availability
C. Enterprise context
35
35. One reason COBIT 5 was created was to: A. Replace ITIL B. Address user-driven IT C. Reduce programming costs D. Promote outsourcing
B. Address user-driven IT
36
36. Which principle ensures COBIT 5 is compatible with other frameworks? A. Stakeholder Needs B. Holistic Approach C. Integrated Framework D. Governance Separation
C. Integrated Framework
37
37. COBIT 5 enablers can include all EXCEPT: A. Principles B. Firewalls C. Information D. People
B. Firewalls
38
38. In COBIT 5, which enabler ensures appropriate behavior? A. Ethics and Culture B. Technology C. Applications D. Finance
A. Ethics and Culture
39
39. The performance of enablers can be measured using: A. Enterprise revenue B. Technical bugs C. Enabler performance metrics D. User count
C. Enabler performance metrics
40
40. COBIT 5 supports which life cycle approach for implementation? A. Linear B. Spiral C. Implementation Life Cycle D. Deployment Path
C. Implementation Life Cycle
41
41. COBIT 5 implementation begins with: A. Outsourcing plans B. The business case C. IT audits D. Application testing
B. The business case
42
42. What is a key output of the goals cascade? A. Audit reports B. Mapping tables C. System diagrams D. Training materials
B. Mapping tables
43
43. What does COBIT 5 recommend for addressing stakeholder conflict? A. Avoidance B. Board override C. Negotiation and balance D. Third-party decision-making
C. Negotiation and balance
44
44. The "Governance Scope" in COBIT 5 can be applied to: A. Only IT teams B. Only finance departments C. The entire enterprise D. Legal divisions only
C. The entire enterprise
45
45. COBIT 5 is structured to align with which of the following? A. PRINCE2 B. ISO Standards C. ITIL D. All of the above
D. All of the above
46
46. In COBIT 5, the relationship between enablers is: A. Linear B. Independent C. Interdependent D. Negligible
C. Interdependent
47
47. The term “systemic governance” in COBIT 5 means: A. One system per department B. Central server control C. All parts of governance are interconnected D. Use of shared drives
C. All parts of governance are interconnected
48
48. Stakeholder value is achieved through: A. Unlimited IT investment B. IT compliance C. Strategic benefit realization D. Daily monitoring
C. Strategic benefit realization
49
49. COBIT 5 defines how many generic enterprise goals? A. 10 B. 15 C. 17 D. 21
C. 17
50
50. COBIT 5 defines the "Information Enabler" as: A. Only raw data B. Backup-only data C. All information processed and required by the enterprise D. Only HR systems
C. All information processed and required by the enterprise
51
51. What is the focus of COBIT 5’s principle “Holistic Approach”? A. Focus on applications B. Ignoring external frameworks C. Considering all enablers together D. Limiting governance scope
C. Considering all enablers together
52
52. Enablers in COBIT 5 influence each other because they are: A. Fully documented B. Organizational mandates C. Systemically connected D. User-specific
C. Systemically connected
53
53. Enabler performance metrics are important for: A. IT vendor selection B. Training records C. Performance measurement and monitoring D. Salary evaluation
C. Performance measurement and monitoring
54
54. Which COBIT 5 process domain includes building and acquiring IT solutions? A. Align, Plan and Organise B. Monitor, Evaluate and Assess C. Build, Acquire and Implement D. Deliver and Support
C. Build, Acquire and Implement
55
55. The domain "Deliver, Service and Support" primarily focuses on: A. Risk policies B. Budget planning C. Operational delivery and support D. IT marketing
C. Operational delivery and support
56
56. “Monitor, Evaluate and Assess” domain supports: A. Cost recovery B. External promotions C. Performance and conformance monitoring D. Data input control
C. Performance and conformance monitoring
57
57. In COBIT 5, goals cascade helps link stakeholder needs to: A. Supplier KPIs B. Specific IT investments C. Enabler goals and enterprise goals D. Server logs
C. Enabler goals and enterprise goals
58
58. Which COBIT 5 component aids implementation of governance improvements? A. Business glossary B. Process reference model C. COBIT 5 Implementation Guide D. ITIL 4 Booklet
C. COBIT 5 Implementation Guide
59
59. A “governance objective” in COBIT 5 should align with: A. Auditor’s requirements B. Project risk only C. Stakeholder value drivers D. Daily metrics
C. Stakeholder value drivers
60
60. Information enabler quality goals include all EXCEPT: A. Confidentiality B. Portability C. Integrity D. Availability
B. Portability
61
61. COBIT 5 supports governance that is: A. Top-down and isolated B. Focused only on risk C. Integrated and systemic D. Finance-led only
C. Integrated and systemic
62
62. One key characteristic of processes as enablers is: A. They operate without controls B. They are always manual C. They are measurable D. They are outsourced
C. They are measurable
63
63. The organizational structure enabler is best described as: A. Hierarchy chart B. Decision-making bodies C. Cost center list D. Backup documentation
B. Decision-making bodies
64
64. The COBIT 5 Implementation Life Cycle includes: A. Only project initiation B. A phased approach C. Random testing D. Server configuration
B. A phased approach
65
65. In the COBIT 5 Goals Cascade, “IT-related goals” are: A. Unrelated to strategy B. Supporting enterprise goals C. Driven by only compliance D. Optional
B. Supporting enterprise goals
66
66. COBIT 5 defines how many generic IT-related goals? A. 17 B. 20 C. 10 D. 8
A. 17
67
67. Effective governance of enterprise IT creates value through: A. Technical upgrades B. Redundant controls C. Optimized resources D. Stakeholder removal
C. Optimized resources
68
68. Which of the following is an example of a governance framework integrated with COBIT 5? A. GDPR B. COSO C. DevOps D. SQL
B. COSO
69
69. The COBIT 5 principle “Covering the Enterprise End-to-End” emphasizes: A. Silo-based IT B. Partial process alignment C. Full enterprise-wide governance D. Narrow business impact analysis
C. Full enterprise-wide governance
70
70. A key benefit of COBIT 5 is: A. Developing source code B. Automatic budget approval C. Bridging gap between control requirements and business goals D. Training developers
C. Bridging gap between control requirements and business goals
71
71. One of the design factors in tailoring governance systems is: A. Enterprise strategy B. Device brand C. Source code D. Staff uniforms
A. Enterprise strategy
72
72. A process capability model in COBIT 5 assesses: A. Color of dashboards B. Process maturity C. Storage units D. Staff age
B. Process maturity
73
73. What is the minimum level in the COBIT 5 Process Capability Model? A. Level 1 – Performed Process B. Level 0 – Incomplete Process C. Level 2 – Managed Process D. Level 3 – Established Process
B. Level 0 – Incomplete Process
74
74. What is the highest level in the Process Capability Model? A. Level 4 – Predictable B. Level 5 – Optimizing C. Level 3 – Established D. Level 2 – Managed
B. Level 5 – Optimizing
75
75. COBIT 5 provides value to enterprises by: A. Reducing staff B. Providing a single, integrated framework C. Mandating ISO certification D. Replacing all software
B. Providing a single, integrated framework
76
76. COBIT 5 helps enterprises achieve: A. Only IT alignment B. Data migration C. IT governance and management objectives D. Vendor agreements
C. IT governance and management objectives
77
77. Which COBIT 5 component defines “a set of practices and activities organized to achieve objectives”? A. Structure B. Role C. Process D. Application
C. Process
78
78. The COBIT 5 product family includes all EXCEPT: A. COBIT 5 Implementation B. COBIT 5 Enabling Processes C. COBIT 5 Software Manual D. COBIT 5 for Assurance
C. COBIT 5 Software Manual
79
79. A key reason for adopting COBIT 5 is to support: A. Source code reuse B. Business-IT alignment C. Physical security D. Hardware installation
B. Business-IT alignment
80
80. Governance ensures stakeholder needs are: A. Ignored B. Translated into actionable goals C. Limited to IT only D. Budgeted quarterly
B. Translated into actionable goals
81
81. Which of the following best reflects COBIT 5’s scope? A. IT operations only B. IT risk only C. Enterprise-wide governance of IT D. Data warehousing only
C. Enterprise-wide governance of IT
82
82. COBIT 5's model for process assessment is based on: A. Agile B. PRINCE2 C. ISO/IEC 15504 D. DevOps
C. ISO/IEC 15504
83
83. The “Plan and Organize” domain in COBIT 4.1 has been replaced by which domain in COBIT 5? A. Build, Acquire and Implement B. Align, Plan and Organise C. Deliver and Support D. Evaluate and Direct
B. Align, Plan and Organise
84
84. “Stakeholder drivers” in the Goals Cascade refer to: A. Budget constraints B. Strategic context C. Server upgrades D. Employee salaries
B. Strategic context
85
85. COBIT 5 uses capability levels rather than: A. Network models B. Performance measures C. Maturity levels D. Control charts
C. Maturity levels
86
86. The COBIT 5 principle “Meeting Stakeholder Needs” emphasizes: A. Only risk mitigation B. Customization and prioritization C. Technology replacement D. Revenue reports
B. Customization and prioritization
87
87. The Process Reference Model in COBIT 5: A. Is identical to COBIT 4.1 B. Is not applicable C. Defines governance and management processes D. Applies only to auditors
C. Defines governance and management processes
88
88. “Resource Optimization” refers to: A. Hiring new employees B. Maximizing use of IT resources C. Shutting down old systems D. Using more bandwidth
B. Maximizing use of IT resources
89
89. The performance of governance and management processes is measured using: A. Budget targets B. KPI dashboards C. Process capability levels D. HR reports
C. Process capability levels
90
90. A key consideration in information enabler goals is: A. App usability B. Stakeholder ownership C. Quality, relevance, timeliness D. Brand identity
C. Quality, relevance, timeliness
91
91. COBIT 5 encourages the use of existing standards such as: A. Only internal tools B. Proprietary software C. ISO, ITIL, TOGAF D. COBOL guidelines
C. ISO, ITIL, TOGAF
92
92. An audit and assurance professional can use COBIT 5 for: A. System procurement B. Managing teams C. Establishing assurance benchmarks D. Hiring staff
C. Establishing assurance benchmarks
93
93. What tool does COBIT 5 offer for process assessment? A. ISACA Bench Tool B. Process Capability Model C. GAP Matrix D. Implementation Heatmap
B. Process Capability Model
94
94. COBIT 5 emphasizes continual improvement through: A. Implementation Life Cycle B. Monthly review meetings C. Strategic off-sites D. Vendor audits
A. Implementation Life Cycle
95
95. What is the difference between governance and management in COBIT 5? A. Governance is operational B. Management sets enterprise goals C. Governance evaluates, directs and monitors; management plans, builds and runs D. There is no difference
C. Governance evaluates, directs and monitors; management plans, builds and runs
96
96. In the COBIT 5 life cycle, Phase 3 is: A. What are the drivers? B. Where are we now? C. What needs to be done? D. How do we get there?
C. What needs to be done?
97
97. An enterprise using COBIT 5 must define its own: A. Software systems B. Stakeholders C. Information goals and metrics D. Data centers
C. Information goals and metrics
98
98. A systemic governance approach means: A. Top-down enforcement only B. Applying governance only to IT C. Integration across all business areas D. Use of legacy systems
C. Integration across all business areas
99
99. In COBIT 5, an enabler must have: A. A defined owner and purpose B. A financial budget C. User feedback D. No controls
A. A defined owner and purpose
100
100. The ultimate aim of COBIT 5 is to: A. Automate IT B. Reduce IT staff C. Provide value to stakeholders D. Track budgets
C. Provide value to stakeholders
