Selftestengine.CGEIT.279 Questions - GRATIS EXAM · Selftestengine.CGEIT.279 Questions Number ......

Selftestengine.CGEIT.279 Questions

Number: CGEITPassing Score: 800Time Limit: 120 minFile Version: 4.5

http://www.gratisexam.com/

CGEIT

ISACA CGEIT Certification Practice Test

Nicely written Questions with many corrections inside.

Modified few questions, fixed few spelling mistakes and typos.

Modified few questions, fixed few spelling mistakes and typos.

Fixed the Exhibit size and Drag drops/hot spot questions.

It provides you with exactly the same quality and reliability of our learning materials.

Exam A

QUESTION 1You are the project manager of the NHQ project for your company. You are working with your project teamto complete a risk audit. A recent issue that your project team responded to, and management approved,was to increase the project schedule because there was risk surrounding the installation time of a newmaterial. Your logic was that with the expanded schedule there would be time to complete the installationwithout affecting downstream project activities. What type of risk response is being audited in this scenario?

A. AvoidanceB. MitigationC. Parkinson's LawD. Lag Time

Correct Answer: ASection: (none)Explanation

Explanation/Reference:Explanation:

QUESTION 2You are the project manager for your organization. You are preparing for the quantitative risk analysis.Mark, a project team member, wants to know why you need to do quantitative risk analysis when you justcompleted qualitative risk analysis. Which one of the following statements best defines what quantitativerisk analysis is?

A. Quantitative risk analysis is the process of prioritizing risks for further analysis or action by assessingand combining their probability of occurrence and impact.

B. Quantitative risk analysis is the planning and quantification of risk responses based on probability andimpact of each risk event.

C. Quantitative risk analysis is the review of the risk events with the high probability and the highest impacton the project objectives.

D. Quantitative risk analysis is the process of numerically analyzing the effect of identified risks on overallproject objectives.

Correct Answer: DSection: (none)Explanation


QUESTION 3Your project spans the entire organization. You would like to assess the risk of the project but are worriedthat some of the managers involved in the project could affect the outcome of any risk identificationmeeting. Your worry is based on the fact that some employees would not want to publicly identify riskevents that could make their supervisors look bad. You would like a method that would allow participants toanonymously identify risk events. What risk identification method could you use?

A. Delphi techniqueB. Isolated pilot groupsC. SWOT analysisD. Root cause analysis


Explanation/Reference:correct answer.

QUESTION 4Which of the following is NOT a sub-process of Service Portfolio Management?

A. Service Portfolio UpdateB. Business Planning DataC. Strategic PlanningD. Strategic Service AssessmentE. Service Strategy Definition

Correct Answer: BSection: (none)Explanation


QUESTION 5An organization supports both programs and projects for various industries. What is a portfolio?


A. A portfolio describes all of the monies that are invested in the organization.B. A portfolio is the total amount of funds that have been invested in programs, projects, and operations.C. A portfolio describes any project or program within one industry or application area.D. A portfolio describes the organization of related projects, programs, and operations.



QUESTION 6Your organization mainly focuses on the production of bicycles for selling it around the world. In addition tothis, the organization also produces scooters. Management wants to restrict its line of production tobicycles. Therefore, it decides to sell the scooter production department to another competitor. Which of thefollowing terms best describes the sale of the scooter production department to your competitor?

A. Corporate restructureB. DivestitureC. RightsizingD. Outsourcing



QUESTION 7You are the business analyst for your organization and are preparing to conduct stakeholder analysis. As

part of this process you realize that you'll need several inputs. Which one of the following is NOT an inputyou'll use for the conduct stakeholder analysis task?

A. Organizational process assetsB. Enterprise architectureC. Business needD. Enterprise environmental factors


Explanation/Reference:well answered.

QUESTION 8Which of the following is the process of comparing the business processes and performance metricsincluding cost, cycle time, productivity, or quality?

A. AgreementB. COBITC. Service Improvement PlanD. Benchmarking



QUESTION 9You are the project manager of a large project that will last four years. In this project, you would like tomodel the risk based on its distribution, impact, and other factors. There are three modeling techniques thata project manager can use to include both event-oriented and project oriented analysis. Which modelingtechnique does NOT provide event-oriented and project oriented analysis for identified risks?

A. Modeling and simulationB. Expected monetary valueC. Sensitivity analysisD. Jo-Hari Window



QUESTION 10Which of the following processes is described in the statement below? "This is the process of numericallyanalyzing the effect of identified risks on overall project objectives."

A. Identify RisksB. Perform Qualitative Risk AnalysisC. Perform Quantitative Risk AnalysisD. Monitor and Control Risks

Correct Answer: C

Section: (none)Explanation


QUESTION 11Benchmarking is a continuous process that can be time consuming to do correctly. Which of the followingguidelines for performing benchmarking identifies the critical processes and creates measurementtechniques to grade the process?

A. ResearchB. AdaptC. PlanD. Improve

Correct Answer: CSection: (none)Explanation


QUESTION 12Jenny is the project manager for the NBT projects. She is working with the project team and several subjectmatter experts to perform the quantitative risk analysis process. During this process she and the projectteam uncover several risks events that were not previously identified. What should Jenny do with these riskevents?

A. The events should be determined if they need to be accepted or responded to.B. The events should be entered into the risk register.C. The events should continue on with quantitative risk analysis.D. The events should be entered into qualitative risk analysis.



QUESTION 13Beth is a project team member on the JHG Project. Beth has added extra features to the project and thishas introduced new risks to the project work. The project manager of the JHG project elects to remove thefeatures Beth has added. The process of removing the extra features to remove the risks is called what?

A. Corrective actionB. Preventive actionC. Scope creepD. Defect repair



QUESTION 14Which of the following elements of planning gap measures the gap between the total potential for the

market and the actual current usage by all the consumers in the market?

A. Project gapB. Competitive gapC. Usage gapD. Product gap



QUESTION 15Mark is the project manager of the BFL project for his organization. He and the project team are creating aprobability and impact matrix using RAG rating. There is some confusion and disagreement among theproject team as to how a certain risk is important and priority for attention should be managed. Where canMark determine the priority of a risk given its probability and impact?

A. Risk response planB. Look-up tableC. Project sponsorD. Risk management plan



QUESTION 16Which of the following processes is responsible for low risk, frequently occurring low cost changes?

A. Incident ManagementB. IT Facilities ManagementC. Release ManagementD. Request Fulfillment



QUESTION 17You are a management consultant. WebTech Inc., an e-commerce organization, hires you to analyze itsSWOT. Which of the following factors will you not consider for the SWOT analysis?

A. BandwidthB. PricingC. ProductD. Promotion



QUESTION 18You work as a project manager for BlueWell Inc. You are working on a project and the management wantsa rapid and cost-effective means for establishing priorities for planning risk responses in your project.Which risk management process can satisfy management's objective for your project?

A. Quantitative analysisB. Qualitative risk analysisC. Historical informationD. Rolling wave planning


Explanation/Reference:valid answer.

QUESTION 19You are the project manager for your organization and you are working with Thomas, a project teammember. You and Thomas have been working on a specific risk response for a probable risk event in theproject. Thomas is empowered with a risk response and will control all aspects of the identified riskresponse in which a particular risk event will happen within the project. What title, in regard to risk, isbestowed on Thomas?

A. Risk coordinatorB. Risk expeditorC. Risk ownerD. Risk team leader



QUESTION 20Which of the following essential elements of IT Portfolio Investment Management drives better decisions byproviding real-time portfolio performance information in personalized views, such as cost/benefit summary,risk versus reward, ROI versus alignment, and balance bubble charts?

A. Workflow, Process Management, Tracking and AuthorizationB. Portfolio ManagementC. Integrated Dashboards and ScorecardsD. Portfolio What-If Planning



QUESTION 21DRAG DROPVal IT is a suite of documents that provide a framework for the governance of IT investments, produced bythe IT Governance Institute (ITGI). It is a formal statement of principles and processes for IT portfolio

management. Drag and drop the correct domain ('Portfolio management') next to the IT processes definedby Val IT.

A.B.C.D.

Correct Answer: Section: (none)Explanation

Explanation/Reference:Answer: <map><m x1=467 x2=559 y1=47 y2=72/><m x1=468 x2=559 y1=96 y2=117/><m x1=469 x2=556y1=138 y2=160/><m x1=468 x2=555 y1=186 y2=207/><m x1=469 x2=561 y1=228 y2=251/><m x1=469x2=559 y1=275 y2=299/><m x1=468 x2=556 y1=318 y2=341/><m x1=467 x2=554 y1=364 y2=386/><mx1=468 x2=557 y1=411 y2=431/><m x1=325 x2=412 y1=409 y2=431/><m x1=323 x2=415 y1=363 y2=385/><m x1=325 x2=414 y1=317 y2=340/><m x1=324 x2=413 y1=274 y2=298/><m x1=322 x2=414 y1=228y2=254/><m x1=326 x2=410 y1=184 y2=206/><m x1=323 x2=413 y1=141 y2=164/><m x1=322 x2=407y1=95 y2=116/><m x1=323 x2=415 y1=50 y2=73/><m x1=511 x2=353 y1=422 y2=60/></map>Explanation:

QUESTION 22What are the various phases of the Software Assurance Acquisition process according to the U.S.Department of Defense (DoD) and Department of Homeland Security (DHS) Acquisition and OutsourcingWorking Group?

A. Implementing, contracting, auditing, monitoringB. Requirements, planning, monitoring, auditingC. Designing, implementing, contracting, monitoringD. Planning, contracting, monitoring and acceptance, follow-on



QUESTION 23Which of the following sub-processes of Service Portfolio Management is used to define the overall goalsthat the service provider should follow in its development based on the outcome of Strategic ServiceAssessment?

A. Service Portfolio UpdateB. Strategic Service AssessmentC. Service Strategy DefinitionD. Strategic Planning



QUESTION 24Which of the following are the main goals of Broadcasting Board of Governors (BBG)'s strategic plan 2008-2013?Each correct answer represents a complete solution. Choose all that apply.

A. It employs modern communication techniques and technologies.B. It builds on our reach and impact within the muslim world.C. It engages the world in conversation about England.D. It enhances program delivery across all platforms.

Correct Answer: ABDSection: (none)Explanation


QUESTION 25Which of the following types of IT organizational structures states that all IT decision making and the ITbudget are in one place, much easier to manage, and require much less effort to organize?

A. DecentralizedB. FederatedC. Project-basedD. Centralized



QUESTION 26A service provider guarantees for end-to-end network traffic performance to a customer.Which of the following types of agreement is this?

A. LAB. VPNC. NDAD. SLA



QUESTION 27Which of the following domains of COBIT covers areas such as the execution of the applications within theIT system and its results as well as the support processes that enable the effective and efficient executionof these IT systems?

A. Deliver and SupportB. Acquire and ImplementC. Monitor and Evaluate

D. Plan and Organize



QUESTION 28Gary has identified a project risk that could injure project team members. He does not want to accept anyrisk where someone could become injured on this project so he hires a professional vendor to complete thisportion of the project work. This workaround to the risk event is known as what type of risk response?

A. AvoidanceB. MitigationC. AcceptanceD. Transference



QUESTION 29Management has asked you to perform a risk audit and report back on the results. Bonny, a project teammember asks you what a risk audit is. What do you tell Bonny?

A. A risk audit is a review of the effectiveness of the risk responses in dealing with identified risks and theirroot causes, as well as the effectiveness of the risk management process.

B. A risk audit is a review of all the risks that have yet to occur and what their probability of happening are.C. A risk audit is an audit of all the risks that have occurred in the project and what their true impact on cost

and time has been.D. A risk audit is a review of all the risk probability and impact for the risks, which are still present in the

project but which have not yet occurred.



QUESTION 30Wendy is the project manager of the FBL project for your company. She has identified several risks withinher project and has created a risk contingency reserve of $45,000 total. Her project is nearly complete andmany of the risks have not happened in the project. What should Wendy do with the funds in thecontingency reserve?

A. The funds for the risks that have passed and have not happened are transferred to the project budget.B. The funds remain in the contingency reserve until all of the risks have passed.C. The funds remain in the contingency reserve until the project is closed.D. The funds for the risks that have passed and have not happened are released.



QUESTION 31Which of the following frameworks defines ERM as a process, effected by an entity's board of directors,management, and other personnel, applied in strategy setting and across the enterprise?

A. COBITB. COSO ERM frameworkC. Casualty Actuarial Society frameworkD. Val IT



QUESTION 32The IT strategy formulation process consists of four steps to provide guidance to all who are involved.Which of the following steps are performed in the IT strategy formulation process? Each correct answerrepresents a complete solution. Choose all that apply.

A. Decide how to get from here to there.B. Evaluate changes.C. Assess process maturity.D. Map out the big picture.



QUESTION 33Which of the following concepts is a semi-standard structured report supported by proven design methodsand automation tools that can be used by managers to keep track of the execution of activities by staffwithin their control and monitor the consequences arising from these actions?

A. Total Security ManagementB. Balanced Scorecard (BSC)C. Total Quality ManagementD. Six Sigma



QUESTION 34You are the project manager of the HJK project for your organization. You and the project team havecreated risk responses for many of the risk events in the project. A teaming agreement is an example ofwhat risk response?

A. MitigationB. Sharing

C. TransferenceD. Acceptance


Explanation/Reference:right answer.

QUESTION 35Which of the following is the main objective of business process outsourcing?

A. Realigning business process with business strategyB. Permitting the enterprise to focus on core main competencesC. Optimizing business processesD. Increasing the automation of business processes



QUESTION 36In which of the following phases of the SDLC does the software and other components of the systemfaithfully incorporate the design specifications and provide proper documentation and training?

A. DesignB. InitiationC. Programming and trainingD. Evaluation and acceptance



QUESTION 37You are the project manager of a newly formed project to create a new manufacturing facility. You areworking with a business analyst to identify, document, and prioritize stakeholders' needs for the facility.You'll also need to quantify any subjective terms and needs to define the project scope. What is thisprocess called?

A. Requirements analysisB. Project scope statement creationC. Requirements gatheringD. Stakeholder analysis



QUESTION 38

IT Governance is used by the management to regulate the Information Systems, to accomplish itsobjectives. IT governance forms an integral part of corporate governance. Which of the following elementsare required to implement a good IT governance framework? Each correct answer represents a completesolution. Choose all that apply.

A. CommunicationB. StructureC. ProjectD. Process



QUESTION 39Which of the following roles is responsible for review and risk analysis of all contracts on a regular basis?

A. The Service Catalogue ManagerB. The Supplier ManagerC. The Configuration ManagerD. The IT Service Continuity Manager



QUESTION 40All projects that are presented in your organization must go through a board to review the return oninvestment, risk, and worthiness of a project. All projects are considered but not all projects are initiated.What is the name of the process that this board is completing in your organization?

A. Project selection committeeB. Change governanceC. Project portfolio managementD. Project portfolio management board



QUESTION 41Which of the following essential elements of IT Portfolio Investment Management enables portfoliomanagers to include or exclude investments, change start and end dates, adjust budgets and reevaluatepriorities?

A. Integrated CapabilityB. Portfolio Planning AnalysisC. Portfolio What-If PlanningD. Portfolio Management



QUESTION 42Fred is the project manager of the PKL project. He is working with his project team to complete thequantitative risk analysis process as a part of risk management planning. Fred understands that once thequantitative risk analysis process is complete, the process will need to be completed again in at least twoother times in the project. When will the quantitative risk analysis process need to be repeated?

A. Quantitative risk analysis process will be completed again after the risk response planning and as a partof monitoring and controlling.

B. Quantitative risk analysis process will be completed again after the plan risk response planning and aspart of procurement.

C. Quantitative risk analysis process will be completed again after new risks are identified and as pa ofmonitoring and controlling.

D. Quantitative risk analysis process will be completed again after the cost management planning an as apart of monitoring and controlling.



QUESTION 43You work as a project manager for BlueWell Inc. There has been a delay in your project work that isadversely affecting the project schedule. You decided, with your stakeholders' approval, to fast track theproject work to get the project done faster. When you fast track the project which of the following are likelyto increase?

A. CostsB. RisksC. Human resource needsD. Quality control concerns



QUESTION 44Which of the following processes ensures that all vital assets and resources of the organization aresafeguarded?


A. Defining Resource Requirements processB. Cost estimating process

C. Vendor contract administration processD. Risk management process



QUESTION 45In software development, which of the following analysis is used to document the services and functionsthat have been accidentally left out, deliberately eliminated or still need to be developed?

A. Vulnerability analysisB. Cost-benefit analysisC. Requirement analysisD. Gap analysis



QUESTION 46The entry points to Service Strategy are referred to as "the Four Ps". They identify the different forms aservice strategy may take. Which of the following is a correct list of the 'Four Ps'?

A. People, Products, Partners, and ProfitB. People, Potential, Products, and PerformanceC. Potential, Preparation, Performance, and ProfitD. Perspective, Position, Plan, and Pattern


Explanation/Reference:appropriate answer.

QUESTION 47Melody is the project manager for her organization. She has created a risk response to conduct more testson the software her project is creating. The identified risk that prompted this response was that the softwareis mission-critical and must be flawless before it can be put into product. What type of a risk response hasMelody used in this scenario?

A. TransferenceB. EnhanceC. AvoidanceD. Mitigation



QUESTION 48Which of the following are the roles of a CIO in the Resource management framework? Each correctanswer represents a complete solution. Choose all that apply.

A. Standardizes architecture & technology.B. Defines value creation roles within IT.C. Provides IT infrastructure to facilitate knowledge & information creation/sharing.D. Establishes business priorities & allocates resources for IT performance.

Correct Answer: ABCSection: (none)Explanation


QUESTION 49Elizabeth is a project manager for her organization and she finds risk management to be very difficult forher to manage. She asks you, a lead project manager, at what stage in the project will risk managementbecome easier. What answer best resolves the difficulty of risk management practices and the effortrequired?

A. Risk management only becomes easier the more often it is practiced.B. Risk management only becomes easier when the project is closed.C. Risk management is an iterative process and never becomes easier.D. Risk management only becomes easier when the project moves into project execution.



QUESTION 50Which of the following stages of the Forrester's IT Governance Maturity Model describes that the ITgovernance processes are applied across the enterprise where all business units/entities conform to thesame set of IT governance processes, and IT investment decisions are based on the enterprise view?

A. Stage 3-ConsistentB. Stage 4-Best practicesC. Stage 1-Ad hocD. Stage 2-Fragmented



QUESTION 51Robert is the business analyst for his organization and he's working with several stakeholders to identify thebusiness need for an opportunity. Robert needs to identify the stakeholder that will be responsible forauthorizing the actions needed in order to meet the identified business need. Which stakeholder doesRobert need to identify?

A. RegulatorB. Implementation Subject Matter ExpertC. Sponsor

D. Customer



QUESTION 52Which of the following levels of Gartner's cost optimization framework describes the right kind ofpartnership with IT vendors, which can benefit each party in times of economic upturns?

A. Cost Savings within ITB. Joint Business and IT Cost SavingsC. IT ProcurementD. Enabling Innovation and Business Restructuring



QUESTION 53Which conduct stakeholder analysis technique is useful for identifying shared characteristics of astakeholder group?

A. BrainstormingB. Scope modelingC. InterviewsD. Surveys



QUESTION 54Which of the following are parts of SWOT Analysis? Each correct answer represents a complete solution.Choose all that apply.

A. OptimismB. ThreatsC. WeaknessesD. OpportunitiesE. ToolsF. Strengths

Correct Answer: BCDFSection: (none)Explanation


QUESTION 55

You are the project manager of the NNN project for your company. You and the project team are workingtogether to plan the risk responses for the project. You feel that the team has successfully completed therisk response planning and now you must initiate what risk process it is. Which of the following riskprocesses is repeated after the plan risk responses to determine if the overall project risk has beensatisfactorily decreased?

A. Risk response implementationB. Quantitative risk analysisC. Risk identificationD. Qualitative risk analysis



QUESTION 56You are the project manager for your company and a new change request has been approved for yourproject. This change request, however, has introduced several new risks to the project. You havecommunicated these risk events and the project stakeholders understand the possible effects these riskscould have on your project. You elect to create a mitigation response for the identified risk events.Where will you record the mitigation response?

A. Risk logB. Risk management planC. Risk registerD. Project management plan



QUESTION 57Which positive risk response best describes a teaming agreement?

A. EnhanceB. ExploitC. ShareD. Venture



QUESTION 58Your project is an agricultural-based project that deals with plant irrigation systems. You have discovered abyproduct in your project that your organization could use to make a profit you're your organization seizesthis opportunity it would be an example of what risk response?

A. ExploitingB. PositiveC. Opportunistic

D. Enhancing



QUESTION 59Which document refers to the steps that must be taken if there is a major gap in the projected deliveryquality of a service and the actual delivery?

A. Service Improvement PlanB. Service Quality PlanC. Business Service CatalogueD. Service Level Agreement



QUESTION 60Which of the following responsibilities are performed by the core team of IT governance? Each correctanswer represents a complete solution. Choose all that apply.

A. Provide service feedback to providers.B. Undertake core tasks.C. Define plan and deliverables.D. Report on process.

Correct Answer: BCDSection: (none)Explanation


QUESTION 61A project manager must have certain interpersonal skills to communicate with stakeholders and managetheir expectations of the project work. Which of the following interpersonal skills has been identified as oneof the biggest reasons for project success or failure?

A. MotivationB. InfluencingC. Political and cultural awarenessD. Communication



QUESTION 62TOGAF is based on four pillars, called architecture domains. Which of the following architecture domains

provides a blueprint for the individual application systems to be deployed, the interactions between theapplication systems, and their relationships to the core business processes of the organization with theframeworks for services to be exposed as business functions for integration?

A. Business architectureB. Applications architectureC. Technical architectureD. Data architecture



QUESTION 63Which of the following external factors complicate the notion of business-IT for achieving strategicalignment? Each correct answer represents a complete solution.Choose all that apply.

A. Resource limitationsB. Economic and regulatory changesC. World region changes and eventsD. Market changes



QUESTION 64You are hosting a collection of stakeholders from across the organization to identify the ideas and attitudesabout your company's help desk. You want the stakeholders to honestly share their opinions about the helpdesk service so you can identify problems, solutions, and take actions to improve the service. What type ofrequirements elicitation activity is this?

A. Root cause analysisB. Stakeholder analysisC. Focus groupsD. Workshop



QUESTION 65Which of the following are the main objectives of the Performance measurement domain? Each correctanswer represents a complete solution. Choose all that apply.

A. It satisfies the customer's need.B. It defines value creation roles within IT.C. It meets out the goals.D. It statistically controls the process sequences.

Correct Answer: ACDSection: (none)Explanation


QUESTION 66You work as a project manager for TechSoft Inc. You are working with the project stakeholders on thequalitative risk analysis process in your project. You have used all the tools to the qualitative risk analysisprocess in your project. Which of the following techniques is NOT used as a tool in qualitative risk analysisprocess?

A. Risk Data Quality AssessmentB. Risk CategorizationC. Risk ReassessmentD. Risk Urgency Assessment



QUESTION 67Paul has been asked to complete SWOT analysis for his solution scope. What does SWOT analysismean?

A. Stakeholder Weaknesses, Organizational ThreatsB. Strengths, Weaknesses, Opportunities, ThreatsC. Strengths, Weaknesses, Opportunities, TimeD. Stakeholders Weaknesses, Organization, Threats



Topic 2, Volume B

QUESTION 68You work as a project manager for BlueWell Inc. You are about to complete the quantitative risk analysisprocess for your project. You can use three available tools and techniques to complete this process. Whichone of the following is NOT a tool or technique that is appropriate for the quantitative risk analysis process?

A. Quantitative risk analysis and modeling techniquesB. Organizational process assetsC. Expert judgmentD. Data gathering and representation techniques



QUESTION 69You work as a project manager for BlueWell Inc. Your project is using a new material to construct a largewarehouse in your city. This new material is cheaper than traditional building materials, but it takes sometime to learn how to use the material properly. You have communicated to the project stakeholders that youwill be able to save costs by using the new material, but you will need a few extra weeks to completetraining to use the materials. This risk response of learning how to use the new materials can also beknown as what term?

A. Cost-benefits analysisB. BenchmarkingC. Cost of conformance to qualityD. Team development



QUESTION 70Which of the following methods offers a number of modeling practices and disciplines that contribute to asuccessful service-oriented life cycle management and modeling?

A. Service-oriented modeling and architecture (SOMA)B. Service-oriented architecture (SOA)C. Sherwood Applied Business Security Architecture (SABSA)D. Service-oriented modeling framework (SOMF)



QUESTION 71Which of the following processes involves choosing the alternative strategies, executing a contingency orfallback plan, taking corrective action, and modifying the project management plan?

A. Scope Change controlB. Monitor and Control riskC. Integrated Change controlD. Configuration Management



QUESTION 72Which of the following architecture domains for TOGAF describes the structure of an organization's logicaland physical data assets and the associated data management resources?

A. Applications architectureB. Technical architectureC. Data architectureD. Business architecture



QUESTION 73Which volume provides guidance on clarification and prioritization of service-provider investments inservices?

A. Service OperationB. Service StrategyC. Service DesignD. Service Management



QUESTION 74Which of the following problems occur with performance measurement systems that limit their usefulness?Each correct answer represents a complete solution. Choose all that apply.

A. It is dependent on gross aggregates, which tend to understate or ignore distributional contributions andconsequences.

B. It is dependent on the timely occurrence of corrective action which is required for effective managementcontrol.

C. It is dependent on historical patterns and reluctant to accept new structural changes that are capable ofgenerating different outcomes

D. It is dependent on summary data, which emphasizes averages and discounts outliers.



QUESTION 75You are the project manager of the NKJ Project for your company. The project's success or failure will havea significant impact on your organization's profitability for the coming year. Management has asked you toidentify the risk events and communicate the event's probability and impact as early as possible in theproject. Management wants to avoid risk events and needs to analyze the cost-benefits of each risk eventin this project. What term is assigned to the low-level of stakeholder tolerance in this project?

A. Risk utility functionB. Mitigation-ready project managementC. Risk-reward mentalityD. Risk avoidance


Explanation/Reference:

Explanation:

QUESTION 76Which of the following techniques is used for understanding the "environment" in which a businessoperates?

A. Critical success factor analysisB. PEST analysisC. SWOT analysisD. Market segmentation



QUESTION 77Which of the following process groups is the most efficient at providing resources to the development of theprocurement process?

A. Acquisition processB. Contract managementC. Process managementD. Resource management



QUESTION 78You are working with your project stakeholders to identify risks within the JKP Project. You want to use anapproach to engage the stakeholders to increase the breadth of the identified risks by including internallygenerated risk. Which risk identification approach is most suited for this goal?

A. BrainstormingB. Assumptions analysisC. SWOT analysisD. Delphi Technique



QUESTION 79John is the project manager of the NHQ Project for his company. His project has 75 stakeholders, some ofwhich are external to the organization. John needs to make certain that he communicates about risk in themost appropriate method for the external stakeholders. Which project management plan will be the bestguide for John to communicate to the external stakeholders?

A. Communications Management PlanB. Risk Response PlanC. Project Management Plan

D. Risk Management Plan



QUESTION 80As seen from the perspective of how the enterprise defines and executes business strategies to achieve itsgoals and objectives, which of the following elements does the ERM comprise of? Each correct answerrepresents a complete solution. Choose all that apply.

A. Enhancing risk response decisionsB. Providing integrated responses to few risksC. Reducing operational surprises and lossesD. Aligning risk appetite and strategy



QUESTION 81You work as the project manager for BlueWell Inc. You are monitoring the project performance. You wantto make a decision to change the project plan to eliminate a risk in order to protect the project objectives.Which of the following strategies will you use to tackle the risk?

A. Risk mitigationB. Risk avoidanceC. Risk acceptanceD. Risk transference



QUESTION 82Management wants you to create a visual diagram of what resources will be utilized in the projectdeliverables. What type of a chart is management asking you to create?

A. RACI chartB. Roles and responsibility matrixC. Work breakdown structureD. Resource breakdown structure



QUESTION 83

You are the project manager of the CUL project in your organization. You and the project team areassessing the risk events and creating a probability and impact matrix for the identified risks. Which one ofthe following statements best describes the requirements for the data type used in qualitative risk analysis?

A. A qualitative risk analysis requires fast and simple data to complete the analysis.B. A qualitative risk analysis required unbiased stakeholders with biased risk tolerances.C. A qualitative risk analysis encourages biased data to reveal risk tolerances.D. A qualitative risk analysis requires accurate and unbiased data if it is to be credible.



QUESTION 84Lisa is the project manager of the FKN project for her organization. She is working with Sam, the CIO, todiscuss a discount the vendor has offered the project based on the amount of materials that is ordered.Lisa and Sam review the offer and agree that while their project may qualify for the discounted materials thesavings is nominal and they would not necessarily pursue the savings. Lisa documents this positive riskresponse in the risk register. What risk response is this?

A. ShareB. Acceptance


C. EnhanceD. Transference



QUESTION 85You are the project manager of the GHY Project and would like to perform a review of your project fromseveral different characteristics. You would like to review what worked in the project and what neededimprovement. What type of analysis would be most appropriate for the end of project review?

A. Feasibility studyB. Product breakdownC. Business case studyD. SWOT analysis



QUESTION 86Which of the following best describes the identification, analysis, and ranking of risks?

A. Plan Risk managementB. Design of experimentsC. Fixed-price contractsD. Fast tracking



QUESTION 87There are five inputs to the quantitative risk analysis process. Which one of the following is NOT an input tothe perform quantitative risk analysis process?

A. Risk management planB. Risk registerC. Enterprise environmental factorsD. Cost management plan



QUESTION 88Which of the following stages of the Forrester's IT Governance Maturity Model describes that the ITgovernance processes is fully developed and optimized across the enterprise, and a well-built IT portfoliomanagement process is put to ensure that all IT investment decisions are themselves optimized?

A. Stage 2-FragmentedB. Stage 4-Best practicesC. Stage 3-ConsistentD. Stage 1-Ad hoc



QUESTION 89You are the project manager of the NHQ Project for your company. You have completed qualitative andquantitative analysis of your identified project risks and you would now like to find an approach to increaseproject opportunities and to reduce threats within the project. What project management process wouldbest help you?

A. Plan risk responsesB. Create a risk governance approachC. Create the project risk registerD. Monitor and control project risks



QUESTION 90Jane is the project manager of the GBB project for her company. In the current project a vendor has offeredthe project a ten percent discount based if they will order 100 units for the project. It is possible that theGBB Project may need the 100 units, but the cost of the units is not a top priority for the project. Janedocuments the offer and tells the vendor that they will keep the offer in mind and continue with the projectas planned.What risk response has been given in this project?

A. AcceptanceB. EnhanceC. SharingD. Exploiting



QUESTION 91Availability Management allows organizations to sustain the IT service availability to support the business ata justifiable cost. Which of the following elements of Availability Management is used to perform at anagreed level over a period of time?Each correct answer represents a part of the solution. Choose all that apply.

A. ReliabilityB. SecurityC. RecoverabilityD. ServiceabilityE. ResilienceF. MaintainabilityG. Error control

Correct Answer: ABCDEFSection: (none)Explanation

Explanation/Reference:Answer: A,B,C,D,E,FExplanation:

QUESTION 92Your project team has identified a project risk that must be responded to. The risk has been recorded in therisk register and the project team has been discussing potential risk responses for the risk event. The eventis not likely to happen for several months but the probability of the event is high. Which one of the followingis a valid response to the identified risk event?

A. Risk auditB. Earned value managementC. Corrective actionD. Technical performance measurement



QUESTION 93You are the business analyst for the YGT Organization. You have just completed a capabilities gapassessment and have determined that your organization does not have the necessary resources andtechnology to seize a business opportunity. What is the most likely course of action for the organization?

A. Hire contractors to complete the project work.B. Move onto the next opportunity.C. Launch a new project.D. Hire additional resources.



QUESTION 94Stephen is the project manager of the GBB project. He has worked with two subject matter experts and hisproject team to complete the risk assessment technique. There are approximately 47 risks that have a lowprobability and a low impact on the project.Which of the following answers best describes what Stephen should do with these risk events?

A. The low probability and low impact risks should be added to the risk register.B. Because they are low probability and low impact, the risks can be dismissed.C. Because they are low probability and low impact, Stephen should accept the risks.D. The low probability and low impact risks should be added to a watch list for future monitoring.



QUESTION 95Which of the following is a continuous process of comparing performance with desired objectives to identifyopportunities for improvement, and is conducted by individuals, groups, or organizations relating to theirown work?

A. Management AssessmentB. Continuous improvementC. Self AssessmentD. Control



QUESTION 96

In which of the following methods of risk mitigation does the senior management approve theimplementation of the controls that are recommended by the risk management team, and that will lower therisk to an acceptable level?

A. Risk AvoidanceB. Risk AlleviationC. Risk LimitationD. Risk Transference



QUESTION 97A project team member has just identified a new project risk. The risk event is determined to havesignificant impact but a low probability in the project. Should the risk event happen it'll cause the project tobe delayed by three weeks, which will cause new risk in the project. What should the project manager dowith the risk event?

A. Add the identified risk to a quality control management control chart.B. Add the identified risk to the low-level risk watchlist.C. Add the identified risk to the risk register.D. Add the identified risk to the issues log.



QUESTION 98Which of the following are the tasks performed by the Management committee in the Resourcemanagement framework? Each correct answer represents a complete solution.Choose all that apply.

A. To work on architectural designB. To define value creation roles within ITC. To balance sustain/growth proposalsD. To manage complex projects



QUESTION 99Which of the following steps are performed in the Planning phase of IT Assurance methodology? Eachcorrect answer represents a complete solution. Choose all that apply.

A. Plan the risk-based assurance initiatives.B. Scope and plan assurance initiatives.C. Perform a quick risk assessment.D. Assess process maturity.



QUESTION 100Which of the following essential elements of IT Portfolio Investment Management describes the ability tomodel the IT Portfolio with metrics most appropriate to the business such as ROI, Break- Even, CostAvoidance, and Revenue Return?

A. Integrated CapabilityB. Portfolio What-If PlanningC. Integrated Dashboards and ScorecardsD. Highly Configurable



QUESTION 101Which of the following domains of CGEIT aims to guarantee that the IT function remains aligned with theorganization's strategic objectives?

A. Strategic AlignmentB. Risk ManagementC. Value DeliveryD. IT Governance Framework



QUESTION 102Which of the following frameworks is for enterprise architecture, and provides a comprehensive approachto the design, planning, implementation, and governance of an enterprise information architecture?

A. TOGAFB. Val ITC. BISLD. COBIT



QUESTION 103Service Transition contains detailed descriptions of which of the following processes?

A. Change Management, Capacity Management, Event Management, and ServiceRequest Management

B. Service Level Management, Service Portfolio Management, Service Asset andConfigurationManagement

C. Service Asset and Configuration Management, Release Management, and RequestFulfillmentD. Change Management, Service Asset and Configuration Management, Release andDeployment

Management



QUESTION 104Which of the following processes is responsible for controlling, recording and reporting on versions,attributes, and relationships relating to components of the Information Technology (IT) infrastructure?

A. Service Catalogue ManagementB. Service Level ManagementC. ICT Operations ManagementD. Service Asset and Configuration Management



QUESTION 105You are the project manager of the GHG project for your company. You have identified the project risks,completed qualitative and quantitative analysis, and created risk responses. You also need to documenthow and when risk audits will be performed in the project. Where will you define the frequency of riskaudits?

A. Schedule management planB. Risk management planC. Quality management planD. Risk response plan



QUESTION 106What stakeholder(s) must participate in the document elicitation result?

A. Business analyst and the key stakeholdersB. Business analyst and the business ownerC. Business analyst, business analysis team, and the key stakeholdersD. Business analyst



Explanation:

QUESTION 107You are the HR Professional for your organization and you're working with the management to define therole of contractors versus employees in your organization. According to the Internal Revenue Service, thereare three categories of control that help determine whether a person is a contractor or an employee. Whichone of the following is not one of the three levels of control as defined by the IRS for employee versuscontractor?

A. Type of relationshipB. Locale of work performedC. Behavioral controlD. Financial control



QUESTION 108Holly and Gary are HR Professionals in their organization and they're working to develop the strategic planfor their organization. Holly and Gary are using SWOT analysis to help understand the needs of human,financial, technological, capital, and other aspects of their organization. What is SWOT?

A. SWOT is an analysis to define the strengths, weaknesses, opportunities, and threats an organizationmay face.

B. SWOT is an analysis to define the schedule, weaknesses, opportunities, and timetable of a projectendeavor.

C. SWOT is an analysis to define the strengths, weaknesses, openness, and timeliness of an organization.D. SWOT is an analysis to define the seriousness, weaknesses, openness, and timetable of organization

development.


Explanation/Reference:genuine answer.

QUESTION 109What is the key output handed over to Service Transition within Service Design?

A. Business PerspectiveB. Service Portfolio ManagementC. ITIL Small-Scale ImplementationD. Service Design Package



QUESTION 110Which of the following processes are covered by Service Strategy? Each correct answer represents acomplete solution. Choose all that apply.

A. Service Portfolio ManagementB. IT Financial ManagementC. Demand ManagementD. IT Architecture ManagementE. Supplier Management

Correct Answer: ABCESection: (none)Explanation


QUESTION 111Which of the following terms related to risk management represents the estimated frequency at which athreat is expected to occur?

A. Single Loss Expectancy (SLE)B. Exposure Factor (EF)C. Annualized Rate of Occurrence (ARO)D. Safeguard



QUESTION 112Which of the following concepts is used to reduce the errors produced during the manufacturing or serviceprocess, increase customer satisfaction, streamline supply chain management, aims for modernization ofequipment and ensures workers have the highest level of training?

A. Balanced Scorecard (BSC)B. Six SigmaC. Total Quality ManagementD. Total Security Management



QUESTION 113Enterprise analysis provides many things for an organization. All of the following are tasks included inenterprise analysis except for which one?

A. Solution performance assessmentB. Define business needC. Determine solution approachD. Assess capability gaps



QUESTION 114Billy is the project manager of the HAR Project and is in month six of the project. The project is scheduledto last for 18 months. Management asks Billy how often the project team is participating in riskreassessment in this project. What should Billy tell management if he's following the best practices for riskmanagement?

A. Project risk management happens at every milestone.B. Project risk management has been concluded with the project planning.C. At every status meeting the project team project risk management is an agenda item.D. Project risk management is scheduled for every month in the 18-month project.



QUESTION 115What business analysis element tries to identify as many potential options as possible to meet the businessobjectives and fill identified gaps in capabilities?

A. Decision analysisB. Alternative generationC. Documentation of assumptions and constraintsD. Ranking of approaches



QUESTION 116Service Level Management provides for continual identification, monitoring and review of the levels of ITservices specified in the service level agreements (SLAs). What are the responsibilities of Service LevelManagement? Each correct answer represents a part of the solution. Choose all that apply.

A. Producing and maintaining a Service Catalog.B. Liaising with Availability Management.C. Ensuring that the agreed IT services are delivered.D. Ensuring the primary functions of the Service Desk.E. Ensuring that appropriate IT Service Continuity plans have been made.

Correct Answer: ABCESection: (none)Explanation


QUESTION 117You are the project manager of a computer upgrade project. You and the vendor are in dispute over thedeliverables the vendor was to provide and configure. What document can best describe how you and thevendor are to proceed if there is a claim against the vendor?

A. Procurement management planB. Project cost management planC. Enterprise environmental factorsD. Contract



QUESTION 118Which of the following is a way of delivering value to customers by facilitating outcome that customers wishto get without the control of specific costs and risks?

A. ProcessesB. Service DeskC. FunctionsD. Service



QUESTION 119Which of the following objectives can be the best coordinated with the Human resource management?

A. Increasing the automation of the business processesB. Satisfying the business needsC. Rewarding employee fairlyD. Focusing on the business improvements



QUESTION 120Which of the following steps are performed in the Scoping phase of IT Assurance methodology? Eachcorrect answer represents a complete solution. Choose all that apply.

A. Customize control objectives.B. Scope and plan assurance initiatives.C. Select the control objectives for critical processes.D. Assess process maturity.



QUESTION 121Which of the following frameworks describes an enterprise view of all project management activities andhow these activities contribute to the success of the organization?

A. Casualty Actuarial Society frameworkB. COSO ERMC. Enterprise project management (EPM)D. COBIT


Explanation/Reference:best suitable answer.

QUESTION 122Which of the following planned and purposeful management processes are required by StrategicAlignment? Each correct answer represents a complete solution. Choose all that apply.

A. Clarifying the role that IT should playB. Aligning IT strategy with the business strategyC. Evaluating, post implementation, benefits delivered by ITD. Creating and sustaining awareness of the strategic role of IT at a top management level



QUESTION 123Which of the following terms includes performance objectives and criteria (POCs), performance indicators,and any other means that evaluate the success in achieving a specified goal?

A. PrecisionB. Performance Measurement SystemC. Performance MeasureD. Performance Measurement Category



QUESTION 124For the entire IT organizations to be agile, all members of the IT organizations need to understand the needfor agility and be committed to this process. Which of the following working principles or activity loops areinvolved for the IT organizations to be agile? Each correct answer represents a complete solution. Chooseall that apply.

A. Loop 2B. Loop 4C. Loop3D. Loop 1



QUESTION 125You are interviewing members of a project team to test their understanding of the assigned risk responsesas risk owners. You and the project manager are working together to evaluate the risk responses todetermine their effectiveness in the project. What project management technique are you performing withthe project manager in this scenario?

A. Risk identification with the project teamB. Risk auditsC. Risk analysisD. Stakeholder analysis as the project team is a stakeholder



QUESTION 126Which of the following domains of COBIT addresses the development of a maintenance plan that acompany should adopt in order to prolong the life of an IT system and its components?

A. Plan and OrganizeB. Acquire and ImplementC. Deliver and SupportD. Monitor and Evaluate



QUESTION 127Which of the following frameworks defines ERM as the discipline by which an organization in any industryassesses, controls, exploits, finances, and monitors risks from all sources for the purpose of increasing theorganization's short- and long-term value to its stakeholders?

A. COSO ERM frameworkB. COBITC. Val ITD. Casualty Actuarial Society framework



QUESTION 128Ned is the project manager of the HNN project for your company. Ned has asked you to help him complete

some probability distributions for his project. What portion of the project will you most likely use forprobability distributions?

A. Uncertainty in values such as duration of schedule activitiesB. Risk probability and impact matrixesC. Bias towards risk in new resourcesD. Risk identification



QUESTION 129Walter is the project manager of a large construction project. He'll be working with several vendors on theproject. Vendors will be providing materials and labor for several parts of the project. Some of the works inthe project are very dangerous so Walter has implemented safety requirements for all of the vendors andhis own project team.Stakeholders for the project have added new requirements, which have caused new risks in the project. Avendor has identified a new risk that could affect the project if it comes into fruition. Walter agrees with thevendor and has updated the risk register and created potential risk responses to mitigate the risk. Whatshould Walter also update in this scenario considering the risk event?

A. Project contractual relationship with the vendorB. Project communications planC. Project scope statementD. Project management plan



QUESTION 130You are the project manager of the NGQQ Project for your company. To help you communicate projectstatus to your stakeholders, you are going to create a stakeholder register. All of the following informationshould be included in the stakeholder register except for which one?

A. Stakeholder management strategyB. Assessment information of the stakeholders' major requirements, expectations, and potential influenceC. Stakeholder classification of their role in the projectD. Identification information for each stakeholder



QUESTION 131Which of the following stages of the Forrester's IT Governance Maturity Model states that there are noproper IT governance processes, and it is not documented by management as a requirement?

A. Stage 3-ConsistentB. Stage 2-Fragmented

C. Stage 1-Ad hocD. Stage 4-Best practices



QUESTION 132Event Management, Problem Management, Access Management, and Request Fulfillment are part ofwhich of the following stages of the Service Lifecycle?

A. Service StrategyB. Service TransitionC. Continual Service ImprovementD. Service Operation



QUESTION 133You work as a project manager for BlueWell Inc. You have to communicate the causes of risk events to thestakeholders. Which risk diagramming technique you will use to communicate the causes of risk events toproject stakeholders?

A. Project network diagramsB. Ishikawa diagramsC. Process flow chartsD. Influence diagrams



QUESTION 134What project management plan is most likely to direct the quantitative risk analysis process for a project ina matrix environment?

A. Risk management planB. Staffing management planC. Risk analysis planD. Human resource management plan



QUESTION 135

The water sanitation project manager has determined that risks associated with handling certain chemicalsare too high. He has therefore decided to allow someone else to complete this portion of the project byoutsourcing the handling and installation of the chemicals and filter equipment to an experiencedcontractor. This is an example of which of the following?

A. TransferenceB. AcceptanceC. MitigationD. Avoidance



QUESTION 136Which of the following outsourcing defines the performance objectives reached by negotiation between theuser and the provider of a service, or between an outsourcer and an organization?

A. Service level Agreement (SLA)


B. ProposalC. ContractD. Outsource



QUESTION 137Which of the following essential elements of IT Portfolio Investment Management seamlessly initiates theprojects, and incorporates the asset and software development costs to improve the accuracy of ongoingportfolio assessment and project prioritization?

A. Portfolio ManagementB. Portfolio What-If PlanningC. Integrated CapabilityD. Portfolio Planning Analysis



QUESTION 138Which of the following risk functions directs the Sarbanes-Oxley Section 302 and 404 assessments?

A. Operations managementB. Accounting / Financial complianceC. Operational Quality AssuranceD. Compliance & Ethics



QUESTION 139Which of the following project management plans defines the risk identification, analysis, response, andmonitoring strategies?

A. Communications Management PlanB. Resource Management PlanC. Risk Management PlanD. Stakeholder management strategy



QUESTION 140Which of the following functions of HR department is liable for policy creation, policy communication, recordcreation, and HR information systems?

A. Compensation and benefitB. Personnel policyC. Analysis and design for workD. Support for strategy



QUESTION 141Which of the following resource categories includes costs, productivity, availability, and change andconfiguration management?

A. ProductsB. ProcessesC. PeopleD. Partners



Explanation:

QUESTION 142What is the formula for measuring the "usage gap"?

A. Usage gap = market potential - existing usageB. Usage gap = market potential * existing usageC. Usage gap = market potential / existing usageD. Usage gap = market potential + existing usage



QUESTION 143Which of the following individuals/team advises on infrastructure needs and architectural design?

A. Management committeeB. CEOC. CIOD. IT Strategy Committee



QUESTION 144In which of the following types of biases does the data collection itself interfere with the process it ismeasuring?

A. InteractionB. NonresponseC. PerceptionD. Operational



QUESTION 145Which of the following categories describes the value added by the process divided by the value of thelabor and capital consumed?

A. QualityB. TimelinessC. QuantityD. Productivity

Correct Answer: DSection: (none)

Explanation


QUESTION 146Which of the following processes uses statistical evidences to determine progress toward specific definedorganizational objectives?

A. Resource managementB. Risk managementC. Value deliveryD. Performance measurement



QUESTION 147Which of the following has the tendency or inclination of outlook that is a troublesome source of error inhuman sensing?

A. DefectB. Bias (of measurement)C. VulnerabilityD. Risk



QUESTION 148Which of the following areas tracks the project delivery, and monitors the IT services?

A. Risk managementB. Performance measurementC. Strategic alignmentD. Value delivery



QUESTION 149Which of the following individuals ensures that IT complies with policy, laws and regulations?

A. Project sponsorB. Compliance officerC. SupplierD. Business partner



QUESTION 150Which of the following IT processes contained in the Deliver and Support domain of COBIT manages theoperations?

A. DS10B. DS13C. DS9D. DS8



QUESTION 151Which of the following individuals supports and contributes to customer's governance approach?

A. User representativesB. Supplier/Business partnersC. Compliance officersD. Project sponsors



QUESTION 152Which of the following techniques builds various plausible views of possible futures for a business?

A. PEST analysisB. Scenario PlanningC. SWOT AnalysisD. Market Segmentation



QUESTION 153Which of the following areas focuses on aligning with the business and collaborative solutions?

A. Risk managementB. Strategic alignmentC. Resource management

D. Value delivery



QUESTION 154Which of the following techniques seeks to identify the similarities and differences between the groups ofcustomers or users?

A. Market SegmentationB. PEST AnalysisC. SWOT AnalysisD. Scenario Planning



QUESTION 155Which of the following areas concentrates on optimizing expenses, and providing the value of IT?

A. Value deliveryB. Risk managementC. Resource managementD. Strategic alignment



QUESTION 156Which of the following is used as a tool that assists in risk identification?

A. Performance reportB. Status reportC. Variance analysisD. Issue log



QUESTION 157Which of the following is the amount of risk an enterprise is willing to except in pursuit of its mission?

A. ThreatsB. Vulnerability

C. Risk AppetiteD. Inherent Risk



QUESTION 158Which of the following risks refers to the risk associated with an event in the absence of specific controls?

A. Financial reporting riskB. Inherent riskC. Operational riskD. Compliance risk



QUESTION 159Which of the following types of risks includes liability torts, property damage, natural catastrophe andfinancial risk?

A. Asset riskB. Hazard riskC. Operational riskD. Strategic risk


Explanation/Reference:good answer.

QUESTION 160Which of the following areas addresses the safeguarding of IT assets, disaster recovery and continuity ofoperations?

A. Performance measurementB. Risk managementC. Value deliveryD. Strategic alignment



QUESTION 161Which of the following individuals/team allocates business resources for effective IT governance?

A. Business ExecutiveB. CEOC. CIOD. IT Strategy Committee



QUESTION 162Which of the following resource categories includes skill sets, certifications, productivity, and morale?

A. PartnersB. ProcessesC. PeopleD. Products



QUESTION 163Which of the following attributes are the COBIT's generic maturity model attributes? Each correct answerrepresents a complete solution. Choose all that apply.

A. Policies, plans and proceduresB. Tools and automationC. Awareness and communicationD. Availability and accessibility



QUESTION 164Which of the following systems come under the category of linking systems to connect an enterprise with itscustomers and supplier? Each correct answer represents a complete solution. Choose all that apply.

A. Website and portalB. Electronic data interchange (EDI)/extensible markup language (XML) data transfer systemsC. Office productivityD. E-mail, smartphone, instant messaging



QUESTION 165Which of the following steps of IT governance program establishes a balanced scorecard mechanism formeasuring current performance that are related to the IT governance focus areas?

A. Define target areasB. Develop improvement strategiesC. Understand and define the risksD. Measure results



QUESTION 166Which of the following areas of IT Governance Framework of CGEIT aims to guarantee that the IT functionremains aligned with the organization's strategic objectives?

A. Strategic AlignmentB. Performance managementC. Value DeliveryD. Risk Management



QUESTION 167Which of the following steps of IT governance program decides on the highest priority projects that will helpto improve the management and governance of the significant gap areas?

A. Define target areasB. Develop improvement strategiesC. Measure resultsD. Understand and define the risks



QUESTION 168In which of the following components of the COSO ERM are the policies and procedures established andimplemented to help ensure that the risk responses are effectively carried out?

A. Control activityB. Risk assessmentC. Risk responseD. Event identification

Correct Answer: ASection: (none)

Explanation


QUESTION 169Which of the following factors influence the operating environment of an enterprise? Each correct answerrepresents a complete solution. Choose all that apply.

A. Mission, vision and values of an enterpriseB. Outcome measuresC. Stakeholders valuesD. Industry practices



QUESTION 170You are using the IT BSC management tool to apply the practices of IT BSC to the IT function. You want toperform the following functions:

Deliver valueManage costManage risksAchieve intercompany synergies

Which process of the IT BSC Measurement tool will you use?

A. Future OrientationB. Operational excellenceC. Corporate contributionD. Customer Orientation



QUESTION 171Which of the following guides provides risk and value statements to help identify and validate the need toexecute each control objective?

A. IT assurance guideB. IT control objectives for Basel II guideC. COBIT control practices guideD. IT control for Sarbanes Oxley guide



QUESTION 172Which of the following quadrant analysis identifies the key issues of anticipation of business needs, servicelevels over cost, and business enablement and facilitation (removal of obstacles)?

A. High level role (strategic/transformational) and business market followers (riskaverse/mature)B. Low level role (tactical/utility) and business market leader (risk-taker/high growth)C. Low level role (tactical/utility) and business market followers (risk-averse/mature)D. High level role (strategic/transformational) and business market leader (risktaker/high growth)



QUESTION 173Which of the following components of the COSO ERM identifies the required information, captures it, andcommunicates it in a form and time frame that enable people to carry out their responsibilities?

A. Information and communicationB. Internal environmentC. MonitoringD. Objectives setting



QUESTION 174Which of the following statements explains the difference between the IT strategy committee and the ITsteering committee?

A. The IT strategy committee assists the executive in the delivery of the IT strategy, whereas the ITsteering committee advises the board and management on IT strategy.

B. The IT strategy committee focuses on implementation, whereas the IT steering committee focuses onthe current and future strategic IT issues.

C. The IT strategy committee aligns and approves the IT architecture, whereas the IT steering committeemonitors the resource and priority conflicts.

D. The IT strategy committee provides direction to management relative to IT strategy, whereas the ITsteering committee monitors the resource and priority conflicts.



QUESTION 175Which of the following guides provides guidance on how COBIT is useful in supporting a variety ofassurance tasks, along with the recommended testing steps that are aligned with the control practices?

A. COBIT control practices guideB. IT control for Sarbanes Oxley guideC. IT assurance guideD. IT control objectives for Basel II guide



QUESTION 176Which of the following examples are included in the general controls embedded in IT processes andservices? Each correct answer represents a complete solution. Choose all that apply.

A. CompletenessB. Change managementC. Systems developmentD. Accuracy

Correct Answer: BCSection: (none)Explanation


QUESTION 177Which of the following objectives are used by the system to decrease costs or revenues?

A. Increasing production ratesB. Decreasing production and operating costsC. Improving product qualityD. Creating new distribution channels



QUESTION 178Which of the following objectives are used by the system to increase costs or revenues? Each correctanswer represents a complete solution. Choose all that apply.

A. Erecting barriers to entry by competitorsB. Increasing production ratesC. Improving product qualityD. Creating new distribution channels

Correct Answer: ADSection: (none)Explanation


QUESTION 179The testing methods help in shaping opinion against assurance objectives by combining one or more of thetest types. Which of the following are the test types used in this process? Each correct answer represents acomplete solution. Choose all that apply.

A. ObserveB. InspectC. PlanD. Inquire



QUESTION 180Which of the following strategic issues in the IFAC report highlight the underlying success and failure ofenterprises? Each correct answer represents a complete solution.Choose all that apply.


A. Ability to provide service feedback to providersB. Strategy executionC. Ability to undertake successful mergers and acquisitionsD. Clarity of strategy



QUESTION 181Which of the following guides emphasizes on the fundamental steps for implementing information securitywithin the enterprise, and provides easy to follow guidance for addressing security aspects of ITgovernance?

A. COBIT security baseline guideB. COBIT control practices guideC. IT assurance guideD. IT control for Sarbanes Oxley guide



QUESTION 182Which of the following quadrant analysis identifies the key issues of working well with other functions, ITvalue realization over time rather than-just cost, and being business process- focused but solution driven?

A. Low level role (tactical/utility) and business market leader (risk-taker/high growth)B. High level role (strategic/transformational) and business market leader (risktaker/high growth)

C. High level role (strategic/transformational) and business market followers (riskaverse/mature)D. Low level role (tactical/utility) and business market followers (risk-averse/mature)



QUESTION 183Which of the following examples are included in the application controls embedded in business processapplications? Each correct answer represents a complete solution.Choose all that apply.

A. Segregation of dutiesB. ValidityC. SecurityD. Computer operations

Correct Answer: ABSection: (none)Explanation


QUESTION 184Which of the following individuals provides the funding, and want to see the return on their investment andstrategic alignment with their strategic objectives?

A. Compliance officersB. Internal auditorsC. Business partnersD. Product suppliers



QUESTION 185Which of the following processes contained in the Value Governance domain of Val IT defines informationrequirements?

A. VG6B. VG4C. VG5D. VG3



QUESTION 186

Which of the following is a family of ISO standards for Total Quality Management (TQM)?

A. ISO 20000B. ISO 9000C. ISO 38500D. ISO 27001



QUESTION 187Which of the following processes contained in the Portfolio Management domain of Val IT creates anoverall portfolio view?

A. PM8B. PM7C. PM9D. PM10



QUESTION 188Which of the following individuals provides service feedback to the providers?

A. Compliance officersB. User representativesC. Project sponsorsD. Suppliers



QUESTION 189Which of the following is a non repetitive set of tasks that lead to the achievement of a new objective?

A. PlanB. StrategyC. TechniquesD. Tactics



QUESTION 190Which of the following activity loops emphasizes on monitoring and deciding processes?

A. Loop 2B. Loop 4C. Loop 3D. Loop 1



QUESTION 191Which of the following activity loops describes creation of new processes?




QUESTION 192In which of the following editions of COBIT was "Management Guidelines" added?

A. The third editionB. The first editionC. The fourth editionD. The second edition



QUESTION 193Which of the following service delivery processes includes controls, document and record, as its subprocesses?

A. Service level managementB. Service reportingC. Information security managementD. Capacity management



QUESTION 194Which of the following phases of IT lifecycle is governed by a series of stages and gates for managing thelifecycle of projects?

A. IT project phaseB. IT process phaseC. IT asset phaseD. IT discovery phase



QUESTION 195Which of the following service delivery processes has the goal to produce, agreed on, timely, reliable, andaccurate reports for the effective communication?

A. Service level managementB. Service reportingC. Information security managementD. Capacity management



QUESTION 196What is the major goal of risk management in the decision-making process?

A. To manage the clientsB. To manage the timeC. To manage the resourcesD. To manage the uncertainty



QUESTION 197Which of the following types of risks includes currency risk, liquidity risk, and technology obsolescence?

A. Asset riskB. Operational riskC. Hazard riskD. Strategic risk

Correct Answer: A



QUESTION 198Which of the following risk functions ensures the product/service alignment with the customerrequirements?

A. AccountingB. MarketingC. Strategic planningD. Credit



QUESTION 199Which of the following is the process of identifying and assessing factors that may jeopardize the successof a project or the achievement of a goal?

A. Risk retentionB. Risk identificationC. Risk communicationD. Risk analysis



QUESTION 200Which of the following is the process of defining the way work is performed and the tasks that a given jobrequires?

A. SelectionB. RecruitmentC. Job designD. Job analysis



QUESTION 201Which of the following functions of HR department is liable for attitude surveys, labor relation, employeehandbook, and labor law compliance?

A. Personnel policyB. Employee relation

C. Compensation and benefitD. Analysis and design for work



QUESTION 202Which of the following categories measures the health of the organization and the working environment ofits employees?

A. QuantityB. SafetyC. EffectivenessD. Efficiency



QUESTION 203Which of the following is concerned with fairness and transparency?

A. Continual Service ImprovementB. Service SupportC. Service StrategyD. Governance



QUESTION 204Fill in the blank with an appropriate phrase._________models address specifications, requirements, design, verification and validation, andmaintenance activities.

Correct Answer: Life cycleSection: (none)Explanation


QUESTION 205Fill in the blank with an appropriate word.________is also referred to as corporate governance, and covers issues such as board structures, rolesand executive remuneration

Correct Answer: ConformanceSection: (none)Explanation


QUESTION 206Fill in the blank with an appropriate phrase._________is the study of how the variation (uncertainty) in the output of a mathematical model can beapportioned, qualitatively or quantitatively, to different sources of variation in the input of a model

Correct Answer: Sensitivity analysisSection: (none)Explanation

Explanation/Reference:exact answer.

QUESTION 207Fill in the blank with the appropriate word. An ___________ is a resource, process, product, computing infrastructure, and so forth that anorganization has determined must be protected.

Correct Answer: assetSection: (none)Explanation


QUESTION 208Drag and drop the various architecture domains for TOGAF at the appropriate places.

Select and Place:

Correct Answer:



QUESTION 209The Information Technology Infrastructure Library (ITIL) is a set of concepts and policies for managinginformation technology (IT) infrastructure, development, and operations. Drag and drop the ITIL processesthat focus on service operation, i.e. operational processes in Service Support, in the correct places.

Select and Place:

Correct Answer:



QUESTION 210You are the project manager of the AMD project for your organization. In this project, you are currentlyperforming quantitative risk analysis. The tool and technique you are using is simulation where the projectmodel is computed many times with the input values chosen at random for each iteration. The goal is tocreate a probability distribution from the iterations for the project schedule. What technique will you use withthis simulation?

A. Pareto modelingB. Expected Monetary ValueC. Monte Carlo TechniqueD. Analogous modeling

Correct Answer: CSection: (none)

Explanation


QUESTION 211Fill in the blank with an appropriate phrase.The _________ provides investment management services to the firm and directs on how to take decisionson fund.

Correct Answer: fund managerSection: (none)Explanation


QUESTION 212Fill in the blank with an appropriate phrase.The _______ portion of the issue log records the previous pending issues that have been taken care of.

Correct Answer: resolved issuesSection: (none)Explanation


QUESTION 213COBIT stands for Control Objectives for Information and Related Technology. COBIT is a set of bestpractices (framework) for information technology (IT) management created by the Information SystemsAudit and Control Association (ISACA), and the IT Governance Institute (ITGI) in 1996. Drag and drop thecorrect domain ('Monitor and Evaluate') next to the IT processes defined by COBIT to support CSI.

Select and Place:

Correct Answer:



QUESTION 214Fill in the blank with an appropriate phrase._______are activities that are dangerous to complete and manage such as construction, electrical work, ormanufacturing.

Correct Answer: Pure risksSection: (none)Explanation


QUESTION 215Drag and drop the various SSE-CMM levels at the appropriate places.

Select and Place:

Correct Answer:



QUESTION 216Fill in the blank with an appropriate phrase.The ________ creates and delivers momentum in gaining executive support, and provides help to set upmessaging that is constantly conveyed to motivate the team, and gives information to the stakeholders.

Correct Answer: communication planSection: (none)Explanation

Explanation/Reference:actual answer.

QUESTION 217Mary is the business analyst for your organization. She asks you what the purpose of the assess capabilitygaps task is. Which of the following is the best response to give Mary?

A. It identifies the causal factors that are contributing to an effect the solution will solve.B. It identifies new capabilities required by the organization to meet the business need.C. It describes the ends that the organization wants to improve.D. It identifies the skill gaps in the existing resources.



QUESTION 218Which of the following are the roles of a CEO in the Resource management framework? Each correctanswer represents a complete solution. Choose all that apply.

A. Organizing and facilitating IT strategic implementationsB. Establishment of business priorities & allocation of resources for IT performanceC. Overseeing the aggregate IT fundingD. Capitalization on knowledge & information



QUESTION 219Which of the following is a process that occurs due to mergers, outsourcing or changing business needs?


A. Voluntary exitB. Plant closingC. Involuntary exitD. Outplacement



QUESTION 220You work as a project manager for TYU project. You are planning for risk mitigation. You need to identifythe risks that will need a more in-depth analysis. Which of the following activities will help you in this?

A. Estimate activity durationB. Quantitative analysisC. Qualitative analysisD. Risk identification



QUESTION 221Which of the following types of benefits are provided by the new IT-driven initiative for IT investmentprogram? Each correct answer represents a complete solution. Choose all that apply.

A. Cost avoidance benefitB. Direct benefitC. Indirect benefit

D. Incremental benefit



QUESTION 222Which of the following components of COSO ERM framework encompasses the nature of an enterprise,and sets the basis for how risk is viewed and addressed by an organization people, including riskmanagement philosophy and risk appetite, integrity and ethical values, and the environment in which itoperates?

A. Risk responseB. Risk assessmentC. Control activityD. Internal environment



QUESTION 223Which of the following are the categories of IT-related spending or investments defined by the METAgroup? Each correct answer represents a complete solution. Choose all that apply.

A. Grow the businessB. Strategic investmentC. Transform the businessD. Run the business



QUESTION 224Which of the following quadrant analysis identifies the key issues of cost containment, predictability orreliability, continual unit cost improvement, and benchmarking for justification?

A. Low level role (tactical/utility) and business market leader (risk-taker/high growth)B. High level role (strategic/transformational) and business market leader (risktaker/high growth)C. Low level role (tactical/utility) and business market followers (risk-averse/mature)D. High level role (strategic/transformational) and business market followers (riskaverse/mature)



QUESTION 225

Which of the following functions are performed by the Future Orientation measure of the IT BSCmanagement tool? Each correct answer represents a complete solution.Choose all that apply.

A. It focuses on professional learning and development.B. It attracts and retains people with key competencies.C. It manages operational service performance.D. It measures and rewards individual and team performance.



QUESTION 226Which of the following are the process control objectives for the process controls embedment? Eachcorrect answer represents a complete solution. Choose all that apply.

A. Process ownershipB. Process goals and objectivesC. Process repeatabilityD. Process availability



QUESTION 227Which of the following are commonly used terms when discussing service improvement outcomes?

1) Improvements2) Benefits3) Return On Investment (ROI)4) Value On Investment(VOI)5) Resources

A. 2, 3, and 5 onlyB. 2, 3, 4, and 5 onlyC. 1, 2, 3, and 4 onlyD. 1, 2, and 4 onlyE. 1, 2, 3, 4, and 5



QUESTION 228Which of the following processes contained in the Portfolio Management domain of Val IT identifiesresource requirements?

A. PM5B. PM3

C. PM2D. PM4



Topic 3, Volume C

QUESTION 229Which of the following processes contained in the Portfolio Management domain of Val IT establishes aninvestment threshold?

A. PM4B. PM7C. PM6D. PM5



QUESTION 230Which of the following ISO standards defines the corporate governance of IT?

A. ISO 9000B. ISO 27001C. ISO 20000D. ISO 38500



QUESTION 231Which of the following concepts aims to limit errors to 1 per million units produced?

A. TQMB. BSCC. Six SigmaD. TSM



QUESTION 232Which of the following IT governance frameworks provides governance of IT investments, produced by the

IT Governance Institute (ITGI), and is a formal statement of principles and processes for IT portfoliomanagement?

A. VMMB. Val ITC. Risk ITD. COBIT



QUESTION 233Which of the following roles in Service Design is responsible for delivering a particular service within theagreed service levels and also acts as the counterpart of the Service Level Manager when negotiatingOLAs?

A. The Service Design ManagerB. The Service Level ManagerC. The Service OwnerD. The Service Catalogue Manager



QUESTION 234Harold is the project manager of a large project in his organization. He has been actively communicatingand working with the project stakeholders. One of the outputs of the manage stakeholder expectationsprocess can actually create new risk events for Harold's project. Which output of the manage stakeholderexpectations process can create risks?

A. Project management plan updatesB. Project document updatesC. Change requestsD. Organizational process assets updates



QUESTION 235Which of the following concepts is the business practice of developing and implementing comprehensiverisk management and security practices for a firm's entire value chain?

A. TOGAFB. TQMC. BSCD. TSM



QUESTION 236Sensitivity analysis is a technique for systematically changing parameters in a model to determine theeffects of such changes and is useful for computer modelers for a range of purposes. Which of thefollowing purposes does the sensitivity analysis include? Each correct answer represents a completesolution. Choose all that apply.

A. Decision making or the development of recommendations for decision makersB. Model developmentC. Estimating the average outcomeD. Increased understanding or quantification of the system



QUESTION 237Beth is an HR Professional for her organization and she's been alerted by management that the companywill be outsourcing a large portion of operations. This outsourcing will likely cause several employees tolose employment with the organization. Which of the following is the best course of action that Beth cantake in regard to communicating with the employees about the outsourcing change?

A. Be honest and truthful and do not hide the facts.B. Refer allC. Document allD. Don't share the details of the outsourcing decision.



QUESTION 238Which of the following processes are involved under the COBIT framework? Each correct answerrepresents a complete solution. Choose all that apply.

A. Managing the IT workforce.B. Correcting all risk issues.C. Conducting IT risk assessments.D. Developing a strategic plan.


Explanation/Reference:correct multiple answer.

QUESTION 239

Which of the following types of IT organizational structures states that all IT resources are centralized undera single reporting structure with centralized resource allocation (staffing), and the organizational structure isbuilt around the resource pools?

A. FederatedB. CentralizedC. Project-basedD. Decentralized



QUESTION 240Lisa is the project manager of the SQL project for her company. She has completed the risk responseplanning with her project team and is now ready to update the risk register to reflect the risk response.Which of the following statements best describes the level of detail Lisa should include with the riskresponses she has created?

A. The level of detail is set by historical information.B. The level of detail should correspond with the priority ranking.C. The level of detail is set of project risk governance.D. The level of detail must define exactly the risk response for each identified risk.



QUESTION 241Which of the following domains of CGEIT aims to guarantee that the IT enables and supports theachievement of business objectives through the integration of IT strategic plans with business strategicplans and the alignment of IT services with enterprise operations?

A. Risk ManagementB. IT Governance FrameworkC. Strategic AlignmentD. Value Delivery



QUESTION 242You are the project manager for the ABC organization. Your current project has 75 internal stakeholdersand 245 external stakeholders. Many of the risks within your project will only affect the internalstakeholders, but several of the identified risk events will affect the external stakeholders. Managementwould like to know the total number of communication channels in the project. How many communicationchannels exist in this project?

A. 245B. 102,080

C. 51,040D. 320



QUESTION 243Which of the following is a process improvement approach that provides organizations with the essentialelements for effective process improvement and guides process improvement across a project, a division,or an entire organization?

A. Capability Maturity Model IntegrationB. Service PortfolioC. COBITD. Six Sigma



QUESTION 244Amy is the project manager for her company. In her current project the organization has a very lowtolerance for risk events that will affect the project schedule. Management has asked Amy to consider theaffect of all the risks on the project schedule. What approach can Amy take to create a bias against risksthat will affect the schedule of the project?

A. She can filter all risks based on their affect on schedule versus other project objectives.B. She can have the project team pad their time estimates to alleviate delays in the project scheduleC. She can shift risk-laden activities that affect the project schedule from the critical path as much a

possible.D. She can create an overall project rating scheme to reflect the bias towards risks that affect the project

schedule.



QUESTION 245Della works as a project manager for SoftTech Inc. She is working with the project stakeholders to beginthe quantitative risk analysis process. Which of the following inputs will be needed for the quantitative riskanalysis process in her project? Each correct answer represents a complete solution.Choose all that apply.

A. Project scope statementB. Risk management planC. Cost management planD. Risk register

Correct Answer: BCDSection: (none)

Explanation


QUESTION 246Which types of project tends to have more well-understood risks?

A. First-of-its kind technology projectsB. State-of-art technology projectsC. Recurrent projectsD. Operational work projects



QUESTION 247Marsha is the project manager of the NHQ Project. There's a risk that her project team has identified, whichcould cause the project to be late by more than a month. Marsha does not want this risk event to happen soshe devises extra project activities to ensure that the risk event will not happen. The extra steps, however,will cost the project an additional $10,000. What type of risk response is this approach?

A. ExploitingB. TransferenceC. MitigationD. Enhancing



QUESTION 248Which of the following frameworks describes a standard for processes within business informationmanagement at the strategy, management and operations level?

A. Val ITB. BISLC. COBITD. TOGAF


Explanation/Reference:updated answer.

QUESTION 249You are the project manager of a large construction project. You are evaluating the strengths, weaknesses,opportunities, and threats involved in a project. In which of the following processes are you on?

A. Define ScopeB. Identify Risks

C. Plan Risk ResponsesD. Plan Risk Management



QUESTION 250Which of the following is NOT a valid maturity level of the Software Capability Maturity Model (CMM)?

A. Repeatable levelB. Managed levelC. Defined levelD. Fundamental level



QUESTION 251Shawn is the project manager of the WHT Project for his company. In this project Shawn's team reportsthat they have found a way to complete the project work for less cost than what was originally planned. Theproject team presents a new software that will help to automate the project work. While the software andthe associated training costs $25,000 it will save the project nearly $65,000 in total costs. Shawn agrees tothe software and changes to the project management plan accordingly. What type of risk response hasbeen used in this instance?

A. EnhancingB. AcceptingC. AvoidanceD. Exploiting



QUESTION 252Which of the following sub-processes of Capacity Management is concerned with the management of theindividual components of the IT Infrastructure?

A. Capacity Management ReportingB. Business Capacity ManagementC. Service Capacity ManagementD. Resource Capacity Management



QUESTION 253You work as the project manager for Bluewell Inc. You are working on NGQQ Project for your company.You have completed the risk analysis processes for the risk events. You and the project team have createdrisk responses for most of the identified project risks. Which of the following risk response planningtechniques will you use to shift the impact of a threat to a third party, together with the responses?

A. Risk transferenceB. Risk avoidanceC. Risk acceptanceD. Risk mitigation



QUESTION 254Which of the following are the advantages of IT Resource Management? Each correct answer represents acomplete solution. Choose all that apply.

A. It develops the IT service quality and effectiveness.B. It reduces the IT project complexity.C. It reduces the enterprise risks.D. It provides customer organization to construct the Request for Proposal (RFP).



QUESTION 255Which of the following domains of COBIT covers the use of information & technology, and how best it canbe used in a company to help achieve the company's goals and objectives?

A. Deliver and SupportB. Acquire and ImplementC. Plan and OrganizeD. Monitor and Evaluate



QUESTION 256Fred is the project manager of a large project in his organization. Fred needs to begin planning the riskmanagement plan with the project team and key stakeholders. Which plan risk management process tooland technique should Fred use to plan risk management?

A. Planning meetings and analysisB. Variance and trend analysisC. Data gathering and representation techniquesD. Information gathering techniques



QUESTION 257You are the project manager of a large construction project. Part of the project involves the wiring of theelectricity in the building your project is creating. You and the project team determine the electrical work istoo dangerous to perform yourself so you hire an electrician to perform the work for the project. This is anexample of what type of risk response?

A. AvoidanceB. MitigationC. TransferenceD. Acceptance



QUESTION 258Gary is the project manager of the MMQ project for his company. He is working with his project team toplan the risk responses for his project. Sarah, a project team member, does not understand the processthat Gary is using to plan the risk responses. Which approach is the preferred method to address projectrisks and the risk responses?

A. Risks in the project should be addressed by their probability for creating risk responses.B. Risks in the project should be addressed by the organization's risk tolerance for creating risk responses.C. Risks in the project should be addressed by their priority for creating risk responses.D. Risks in the project should be addressed by their impact for creating risk responses.



QUESTION 259Which of the following are the main benefits of using Information Services Procurement Library (ISPL)?Each correct answer represents a complete solution. Choose all that apply.

A. The contract can be used as a control instrument.B. The customer can take advantage of the competitive market.C. The proposals of consumers become comparable.D. The use of a strategy that really fits the situation.



QUESTION 260During qualitative risk analysis you want to define the risk urgency assessment. All of the following areindicators of risk priority except for which one?

A. Risk ratingB. Warning signsC. Cost of the projectD. Symptoms



QUESTION 261What does the T in SWOT analysis mean?

A. TimeB. TrialC. ThreatsD. Test



QUESTION 262Which of the following components work to support achievements of the enterprise's mission, strategies,and related business objectives in an internal control system? Each correct answer represents a completesolution. Choose all that apply.

A. Control activitiesB. Control environmentC. Strategic alignmentD. Risk assessment



QUESTION 263Which of the following are the objectives of Service Level Management (SLM)?

1. To negotiate SLAs with the customers and to design services in accordance with the agreed service leveltargets.2. Defining, documenting, and agreeing the level of IT Services to be provided.3. Identifying possible future markets that the Service Provider could operate in.4. Monitoring, measuring, and reporting the actual level of services provided.5. Monitoring and improving customer satisfaction.

A. 1, 2, and 3 onlyB. 1, 2, 4, and 5 only

C. 1, 2, 3, 4, and 5D. 1, 2, 3, and 5 onlyE. 1 and 2 only



QUESTION 264Where can a project manager find risk-rating rules?

A. Risk management planB. Enterprise environmental factorsC. Risk probability and impact matrixD. Organizational process assets


Explanation/Reference:nicely answered.

QUESTION 265Software Development Life Cycle (SDLC) is a logical process used by programmers to develop software.Which of the following SDLC phases meets the audit objectives defined below?

· System and data are validated.· System meets all user requirements.· System meets all control requirements.

A. Evaluation and acceptanceB. Programming and trainingC. InitiationD. Definition



QUESTION 266Ben is the project manager of the CMH Project for his organization. He has identified a risk that has a lowprobability of happening, but the impact of the risk event could save the project and the organization with asignificant amount of capital. Ben assigns Laura to the risk event and instructs her to research the time,cost, and method to improve the probability of the positive risk event. Ben then communicates the riskevent and response to management. What risk response has been used here?

A. EnhanceB. TransferenceC. SharingD. Exploit

Correct Answer: ASection: (none)

Explanation


QUESTION 267You are the project manager for ABC project. You are planning for when and how human resourcerequirements will be met. You are working on ____.

A. Scope management planB. Project organization chartC. Staffing management planD. Resource calendar



QUESTION 268Jeff works as a project manager for BlueWell Inc. He is determining which risks can affect the project.Which of the following are the inputs to the identify risks process that Jeff will use to accomplish the task?Each correct answer represents a complete solution.Choose all that apply.

A. Risk management planB. Activity cost estimatesC. Scope baselineD. Risk register



QUESTION 269Which of the following types of agreement creates a confidential relationship between the parties to protectany type of confidential and proprietary information or a trade secret?

A. CNCB. NDAC. SLAD. Non-price competition



QUESTION 270Gary is the project manager for his organization. He is working with the project stakeholders on the projectrequirements and how risks may affect their project. One of the stakeholders is confused about whatconstitutes risks in the project. Which of the following is the most accurate definition of a project risk?

A. It is an unknown event that can affect the project scope.B. It is an uncertain event that can affect at least one project objective.C. It is an uncertain event that can affect the project costs.D. It is an uncertain event or condition within the project execution.



QUESTION 271Which of the following roles is used to ensure that the confidentiality, integrity, and availability of theservices are maintained to the levels approved on the Service Level Agreement (SLA)?

A. The Service Level ManagerB. The Configuration ManagerC. The IT Security ManagerD. The Change Manager



QUESTION 272Which of the following processes contained in the Value Governance domain of Val IT establishes theorganizational structures?

A. VG7B. VG9C. VG6D. VG8



QUESTION 273Which of the following activity loops describes improvement of the existing processes?




QUESTION 274Which of the following strategies includes marketing strategies, new product development strategies, HRstrategies and, financial strategies?

A. Operational strategyB. Corporate strategyC. Business strategyD. Functional strategy



QUESTION 275Which of the following phases in SDLC transforms the detailed requirements into complete, detailed systemdesign document?

A. PlanningB. DesignC. DevelopmentD. Initiation



QUESTION 276Which of the following phases in SDLC provides the basis for acquiring the resources needed to achieve asolution?

A. DesignB. PlanningC. DevelopmentD. Initiation



QUESTION 277Which of the following phases of IT lifecycle occurs during the concept and idea stages of basic research?

A. IT asset phaseB. IT discovery phaseC. IT process phaseD. IT project phase



QUESTION 278Which of the following steps of development of business case describes the financial benefits analysis?

A. Step 1B. Step 3C. Step 2D. Step 4



QUESTION 279Which of the following is a practice of forecasting possible risks to the organization and taking steps tomitigate their impact on operations?

A. TimekeepingB. Enterprise risk managementC. Applicant tracking systemsD. HR audit




Selftestengine.CGEIT.279 Questions - GRATIS EXAM · Selftestengine.CGEIT.279 Questions Number ......

Documents

Transcript of Selftestengine.CGEIT.279 Questions - GRATIS EXAM · Selftestengine.CGEIT.279 Questions Number ......