Isaca COBIT-2019 COBIT 2019 Foundation Exam Practice Test

Answer : D

As explained in the previous question, the success metrics for the EGIT continual improvement program are identified and defined in the third stage of the EGIT implementation life cycle, which is developing the EGIT implementation program plan. Therefore, the correct answer is D. The other options are incorrect because they refer to different stages of the EGIT implementation life cycle that do not involve defining the success metrics. Option A refers to the second stage, which is defining the EGIT implementation road map. This stage involves identifying and prioritizing the improvement opportunities based on a gap analysis between the current and desired states of EGIT. Option B refers to the fourth stage, which is executing the EGIT implementation program plan. This stage involves implementing the improvement actions according to the plan, monitoring and controlling the progress and outcomes, and reporting on the results. Option C refers to the first stage, which is initiating an EGIT program.This stage involves establishing a clear vision and scope for the EGIT program, obtaining senior management commitment and sponsorship, and setting up a governance structure for the program.Reference:: COBIT 2019 Design Guide: Designing an Information & Technology Governance Solution, page 281: COBIT 2019 Design Guide: Designing an Information & Technology Governance Solution, page 431: COBIT 2019 Design Guide: Designing an Information & Technology Governance Solution, page 24

Answer : D

The management objective APO09 Managed Service Agreements involves ensuring that IT services are delivered in accordance with agreed-upon service levels and costs. This management objective covers the activities of defining, negotiating, establishing, monitoring, reporting, and reviewing service agreements between service providers and service consumers. This management objective is most relevant for an enterprise that plans to outsource all of its noncore IT operations but wants to ensure the proper level of governance, risk and compliance (GRC) controls. By applying this management objective, the enterprise can improve its service governance and management capabilities, ensure alignment of IT services with business strategy and objectives, enhance service performance and outcomes, and increase service consumer satisfaction and value realization. This management objective also involves ensuring that the outsourced IT services comply with the applicable laws, regulations, standards, guidelines, contracts, or agreements that govern the information and technology activities of the enterprise, as well as with the enterprise's policies, procedures, processes, practices, etc. This management objective also involves managing the risks associated with outsourcing IT services such as loss of control, vendor lock-in, quality issues, security breaches, etc. Reference:: COBIT 2019 Process Reference Guide: Governance and Management Objectives: page 63-65 : COBIT 2019 Implementation Guide: page 49-50

Answer : A

The board of directors is the highest-level governance body in an enterprise that provides strategic direction, oversight, guidance, and approval for information and technology governance. The board of directors is accountable for monitoring the performance of the execution of an EGIT implementation program plan against success metrics and adjusting long-term targets when necessary. This means that the board of directors is responsible for ensuring that the EGIT implementation program plan is aligned with the enterprise's vision, mission, values, strategy, goals, and objectives, and that it delivers the expected value and benefits to the enterprise and its stakeholders. The board of directors is also responsible for reviewing the progress and outcomes of the EGIT implementation program plan on a regular basis, using predefined success metrics such as key performance indicators (KPIs), key goal indicators (KGIs), key risk indicators (KRIs), etc., to measure the achievement of the program objectives and goals. The board of directors is also responsible for adjusting the long-term targets of the EGIT implementation program plan when necessary, based on the changing business needs, environment, risks, opportunities, etc., and ensuring that the program remains relevant and effective. Reference:: COBIT 2019 Implementation Guide: page 37-38 : COBIT 2019 Framework: Governance and Management Objectives: page 19-20

Answer : A

The enterprise strategy archetype is a design factor that describes how an enterprise uses information and technology to achieve its goals and objectives. There are six enterprise strategy archetypes defined in COBIT 2019: growth/acquisition; operational excellence; customer intimacy; product leadership; data-driven; innovation-driven. Each archetype has different implications for the governance and management of information and technology in terms of focus areas, processes, practices, roles, structures, and metrics. One of the important components for an enterprise strategy archetype of growth/acquisition is support for the portfolio management role with an investment office. Growth/acquisition is a strategy archetype that emphasizes expanding market share, revenue, customer base, or product range through organic growth or acquisition of other businesses or assets. This strategy archetype requires effective portfolio management of information and technology investments and initiatives that support business growth or acquisition objectives. Portfolio management involves selecting, prioritizing, balancing, monitoring, evaluating, and optimizing information and technology investments and initiatives based on their alignment with business strategy, value delivery potential, risk exposure, resource availability, interdependencies, etc. Portfolio management also involves ensuring that information and technology investments and initiatives are integrated with business processes, systems, structures, culture, etc., especially in case of mergers or acquisitions.Support for the portfolio management role with an investment office means providing a dedicated function or unit that assists the portfolio manager in performing portfolio management activities such as planning, analysis, decision making, reporting, etc., as well as providing guidance, tools, methods, frameworks, standards, best practices etc., for portfolio management5Reference:5: COBIT 2019 Design Guide: page 35-36 : COBIT 2019 Process Reference Guide: page 59-61

Answer : D

The legal office is a function that provides legal advice and support to an enterprise on various matters related to its information and technology activities. The legal office also ensures that the enterprise complies with the applicable laws, regulations, standards, guidelines, contracts, or agreements that govern its information and technology activities. One of the responsibilities of the legal office is to execute contracts that retain independent legal consultants to review the level of regulatory compliance of a proposed IT solution. This means that the legal office is responsible for negotiating, drafting, signing, and enforcing contracts with external legal experts who can provide independent and objective assessment of the compliance status of an IT solution that an enterprise intends to implement or use.The legal office also ensures that the contracts are aligned with the enterprise's strategy, objectives, needs, and expectations, as well as with the relevant compliance requirements34Reference:3: COBIT 2019 Framework: Governance and Management Objectives: page 20-214: COBIT 2019 Design Guide: page 47-48

Answer : C

The EGIT implementation program plan is a document that describes the rationale, objectives, scope, approach, benefits, costs, risks, and timeline of the EGIT implementation program. The EGIT implementation program plan provides the basis for obtaining approval, funding, resources, and support for the program from the stakeholders. The best time to acquire or develop solutions for implementing process improvement projects defined by the EGIT implementation program plan is when developing the EGIT implementation program plan. This means that before finalizing and submitting the EGIT implementation program plan for approval, the enterprise should identify or create the solutions that will enable it to achieve its process improvement goals and objectives. These solutions could include tools, methods, frameworks, standards, guidelines, best practices, etc., that will help to design and implement the desired processes in accordance with stakeholder requirements and expectations.By acquiring or developing solutions during the development of the EGIT implementation program plan, the enterprise can ensure that the solutions are aligned with the program scope and approach, that they are realistic and achievable within the program budget and timeline, that they are integrated with other program components such as change management and communication plans, and that they are approved by relevant stakeholders before execution5Reference:5: COBIT 2019 Implementation Guide: page 39-40 : COBIT 2019 Implementation Guide: page 49-50

Answer : D

The key program roles are the roles that are responsible for leading, directing, managing, supporting, and executing the EGIT implementation program. The nomination of these roles is a critical step in creating the appropriate governance environment for the program. One of the roles that should be involved in this nomination process is the board and executives, who are the highest-level governance body and decision makers in an enterprise. The board and executives provide strategic direction, oversight, guidance, and approval for the EGIT implementation program. They also ensure that the program is aligned with the enterprise's vision, mission, values, strategy, goals, and objectives. The board and executives also appoint or endorse other key program roles such as the program sponsor, program manager, program steering committee, change champion network, etc. Reference:: COBIT 2019 Implementation Guide, page 37-38 : COBIT 2019 Framework: Governance and Management Objectives, page 19-20