Who is responsible for the oversight of structures and mechanisms that drive enterprise governance
of information and technology (EGIT)?
C
Explanation:
The board is responsible for the oversight of structures and mechanisms that drive enterprise
governance of information and technology (EGIT). According to the ISACA Journal article, “the board
is ultimately accountable for EGIT and should oversee its establishment and monitor its
effectiveness” . The board should also ensure that EGIT aligns with the enterprise governance
framework and supports the achievement of enterprise objectives.
COBIT defines stakeholder value creation as which of the following?
B
Explanation:
COBIT defines stakeholder value creation as the realization of benefits at an optimal resource cost
while optimizing risk. This is based on the principle of balance, which states that “governance of
enterprise I&T should ensure that stakeholder needs, conditions and options are evaluated to
determine balanced, agreed-on enterprise objectives to be achieved; setting direction through
prioritization and decision making; and monitoring performance and compliance against agreed-on
direction and objectives” . Value creation is not only about reducing costs or mitigating risks, but also
about optimizing them in relation to the expected benefits.
The value that I&T delivers should be:
A
Explanation:
The value that I&T delivers should be aligned directly with the values on which the business is
focused. This is based on the principle of alignment, which states that “governance of enterprise I&T
should ensure that I&T-enabled investments are aligned with the enterprise strategy and deliver the
expected benefits” . Value delivery is not only about maintaining or increasing value from existing
I&T investments, but also about ensuring that new investments support the strategic objectives and
stakeholder needs of the enterprise.
COBIT addresses governance issues by doing which of the following?
A
Explanation:
COBIT addresses governance issues by grouping relevant governance components into objectives
that can be managed to a required capability level. This is based on the principle of performance,
which states that “governance of enterprise I&T should ensure that I&T performance is measured
using relevant metrics; transparently communicated to stakeholders; evaluated against targets; and
leads to appropriate management actions” . COBIT does not provide a full description of the entire IT
environment or define specific governance strategies and processes, but rather provides a generic
and flexible framework that can be adapted to different contexts and situations.
Which of the following is a guiding principle in the development of COBIT?
A
Explanation:
A guiding principle in the development of COBIT is that COBIT aligns with other related and relevant
I&T standards, frameworks and regulations. This is based on the principle of integration, which states
that “governance of enterprise I&T should ensure integration into enterprise governance; alignment
with other related standards, frameworks and regulations; and provision of a common language for
all stakeholders” . COBIT does not include or replace other standards, frameworks or regulations, but
rather complements them by providing a holistic and comprehensive approach to governance of
enterprise I&T.
Which of the following is an element of governance?
C
Explanation:
An element of governance is evaluating stakeholder needs to determine enterprise objectives.
This
is based on the principle of stakeholder value, which states that “governance of enterprise I&T
should ensure that stakeholder needs, conditions and options are evaluated to determine balanced,
agreed-on enterprise objectives to be achieved; setting direction through prioritization and decision
making; and monitoring performance and compliance against agreed-on direction and
objectives” 1
.
Evaluating stakeholder needs involves identifying who the stakeholders are, what their
interests and expectations are, and how they can influence or be influenced by the enterprise’s
activities2. Reference: 1: COBIT 2019 Framework: Introduction and Methodology, page 23 2
: COBIT
2019 Framework: Governance and Management Objectives, page 18
In most cases, management of the enterprise is the responsibility of:
B
Explanation:
In most cases, management of the enterprise is the responsibility of the executive management
team. The executive management team consists of senior managers who are accountable for
implementing the strategies and policies set by the board or other governing body.
They are also
responsible for planning, organizing, directing, controlling, and reporting on the enterprise’s
operations3
.
The executive management team may delegate some of their management
responsibilities to other managers or staff, but they remain ultimately accountable for the
outcomes4. Reference: 3: COBIT 2019 Framework: Introduction and Methodology, page 28 4
: COBIT
2019 Framework: Governance and Management Objectives, page 21
Which of the following benefits derived from the use of COBIT is PRIMARILY associated with an
external stakeholder?
C
Explanation:
One of the benefits derived from the use of COBIT is that it helps to ensure compliance with
applicable rules and regulations. This benefit is primarily associated with an external stakeholder,
such as a regulator, auditor, customer, or partner, who expects the enterprise to adhere to certain
standards and requirements.
COBIT provides guidance on how to align the governance and
management of enterprise IT with relevant laws, regulations, and contractual obligations12
.
COBIT
also helps to establish and maintain a compliance culture and program within the
enterprise3. Reference: 1: COBIT 2019 Framework: Introduction and Methodology, page 17 2: COBIT
2019 Framework: Governance and Management Objectives, page 19 3
: COBIT 2019 Design Guide:
Designing an Information and Technology Governance Solution, page 77
The primary target audience for COBIT is:
C
Explanation:
The primary target audience for COBIT is business and IT management responsible for building and
deploying I&T solutions.
COBIT is designed to help these managers address the challenges of aligning
I&T with business goals, delivering value from I&T, managing I&T risks, optimizing I&T resources, and
measuring I&T performance5
. COBIT provides a comprehensive and flexible framework that can be
adapted to different contexts and situations.
COBIT also helps to establish a common language and
understanding among business and IT stakeholders6. Reference: 5: COBIT 2019 Framework:
Introduction and Methodology, page 15 6
: COBIT 2019 Framework: Introduction and Methodology,
page 25
Within the principles for a governance system, the value generated from the use of I&T reflects:
B
Explanation:
The value generated from the use of I&T reflects a balance among benefits, risk and resources.
This is
based on the principle of balance, which states that “governance of enterprise I&T should ensure
that stakeholder needs, conditions and options are evaluated to determine balanced, agreed-on
enterprise objectives to be achieved; setting direction through prioritization and decision making;
and monitoring performance and compliance against agreed-on direction and objectives” 1
.
Value
generation is not only about maximizing financial benefits or minimizing costs or risks, but also about
optimizing them in relation to the expected outcomes7. Reference: 1: COBIT 2019 Framework:
Introduction and Methodology, page 23 7
: COBIT 2019 Framework: Governance and Management
Objectives, page 19
Which of the following should a stakeholder do to optimize the use of COBIT?
B
Explanation:
COBIT guidance should be customized to meet specific enterprise needs, as different enterprises
have different goals, objectives, risks, and requirements. COBIT provides a flexible and adaptable
framework that can be tailored to suit the enterprise’s context and environment.
COBIT also provides
guidance on how to customize the framework using design factors and focus
areas.12
Reference:
COBIT 2019 Framework: Introduction and Methodology
,
COBIT 2019 Design
Guide: Designing an Information and Technology Governance Solution
Which COBIT principle addresses the need to consider how many changes in technology or strategy
impact the enterprise governance system as a whole?
C
Explanation:
The COBIT principle that addresses the need to consider how changes in technology or strategy
impact the enterprise governance system as a whole is that a governance system should be
dynamic.
This principle states that “a governance system should be responsive to changing
stakeholder needs, conditions and options; adaptable to changing circumstances; able to learn from
experience; and innovative in supporting continual improvement” 4
.
A dynamic governance system
can anticipate and respond to changes in the internal and external environment, such as new
technologies, business models, risks, or opportunities5. Reference: 4: COBIT 2019 Framework:
Introduction and Methodology, page 23 5
: COBIT 2019 Framework: Governance and Management
Objectives, page 20
Which of the following BEST enables an enterprise to maximize value from the use of I&T?
B
Explanation:
An actionable strategy and governance system enables an enterprise to maximize value from the
use of I&T by providing direction, alignment, oversight, and performance measurement. A strategy
defines the enterprise’s vision, mission, goals, and objectives, and how I&T can support them. A
governance system ensures that the strategy is implemented effectively and efficiently, and that the
outcomes are monitored and evaluated.
COBIT provides a comprehensive governance system for
enterprise I&T that covers all aspects of governance, management, and
enablers.13
Reference:
COBIT 2019 Framework: Introduction and Methodology
,
COBIT 2019
Framework: Governance and Management Objectives
Which of the following is a KEY principle of an enterprise governance system?
A
Explanation:
A key principle of an enterprise governance system is that it should focus on all technology and
information processing, regardless of where processing takes place. This means that the governance
system should cover not only the IT function, but also the business processes, functions, and units
that use or rely on I&T. It also means that the governance system should address the external entities
that provide or consume I&T services or data, such as customers, suppliers, partners, regulators,
etc.
COBIT adopts a holistic view of enterprise I&T that encompasses all internal and external
stakeholders.14
Reference:
COBIT 2019 Framework: Introduction and Methodology
,
COBIT 2019
Framework: Governance System
According to the principles for a governance framework, which of the following is a PRIMARY
consideration when addressing new issues within a flexible and open framework?
A
Explanation:
A primary consideration when addressing new issues within a flexible and open framework is
maintaining integrity and consistency.
This means that “the framework should be internally
consistent; not contain contradictions or ambiguities; be complete in covering all relevant aspects of
enterprise governance of I&T; and be coherent in its structure, terminology and
presentation” 6
.
Maintaining integrity and consistency ensures that the framework is reliable, clear,
and easy to use for all stakeholders7. Reference: 6: COBIT 2019 Framework: Introduction and
Methodology, page 25 7
: COBIT 2019 Design Guide: Designing an Information and Technology
Governance Solution, page 13