SIMULADO 1 COBIT FOUNDATION

-------------------------------------------------------------------------------1 ) What is the likely problem encountered when trying aling IT with business?
a)
b)
c)
d)

The projects are too complex

Use of external service providers
The changes tend to be always urgents
Inadequate process implementation

-------------------------------------------------------------------------------2 ) To satisfy business requirements, information needs to conform to certain criteria,

with COBIT component refer as
a)
b)
c)
d)

IT Process
IT Domains
Information Criteria
Control Objectives

-------------------------------------------------------------------------------3 ) Which level of matury in COBIT is associated with a process that has controls in
place but are not documented.
a)
b)
c)
d)
e)

Level 1 - Initial
Level 2 - Repeatable
Level 3 - Defined
Level 4 - Management
Level 5 - Optimized

-------------------------------------------------------------------------------4 ) The COSO Framework is widely accepted for

a)
b)
c)
d)

IT management
IT Process
Support Process
Internal Controls

--------------------------------------------------------------------------------

5 ) Which COBIT Product enable the users to benchmark and compare their
organization with others?
a)
b)
c)
d)

Community
COBIT Framework
COBIT Implementation Tool
COBIT Online

-------------------------------------------------------------------------------6 ) Which part of COBIT has resources to help assess the capability of IT Process?
a)
b)
c)
d)

Control Practices
IT Governance Implementation Guide
Framework
Control Objectives

-------------------------------------------------------------------------------7 ) What is the main objective of COBIT QuickStart?

a) Providing a generic road map for implementing IT governance
b) Providing guidance on why controls are worth implementing
c) Focusing the organisation on essential steps for implementing information
security
d) Providing a baseline of control for the smaller organisation
-------------------------------------------------------------------------------8 ) CobiT can be used by a number of audiences. What is the primary reason given for
CobiT benefiting management?
a)
b)
c)
d)

Assists obtain assurance on control of IT services.

Useful to substantiate opinions about IT internal controls.
Helps balance risk and control investment decisions.
A basis to provide advice on IT controls.

-------------------------------------------------------------------------------9 ) What does a Key Goal Indicator measure?

a)
b)
c)
d)

Result of a control objective

Outcome of a business process
Performance of an IT process
A concern of management

--------------------------------------------------------------------------------

10 ) The CobiT Framework advocates which one of the following approaches to control
implementation?
a)
b)
c)
d)

Process orientated
Resource usage
Baseline controls
Risk assessment

-------------------------------------------------------------------------------11 ) In the CobiT navigation aid, the control of an IT process is intended to satisfy
which one of the following?
a)
b)
c)
d)

Control statements
Business requirements
Control practices
Performance indicators

-------------------------------------------------------------------------------12 ) It Governance is best summarised by which one of the following statements?

a) organisational structures, practices, procedures and policies designed to provide
assurance
b) the purpose to be achieved by implementing control procedures
c) enabling factors of IT processes
d) a structure of relationships and processes to direct and control
-------------------------------------------------------------------------------13 ) The CobiT Key Performance Indicators are intended to be which one of the
following?
a)
b)
c)
d)

Long term goals for IT

Self assessment scales
Appraisal criteria for staff
Short, focused and measurable

-------------------------------------------------------------------------------14 ) How are application systems and data treated within the CobiT Framework?
a)
b)
c)
d)

as a Resource
as a Critical success factor
as a Business requirement
as an IT process

--------------------------------------------------------------------------------

15 ) The CobiT defined IT process of Data Management is found in which Domain?

a)
b)
c)
d)

Monitoring
Planning and Organisation
Acquisition and Implementation
Delivery and Support

-------------------------------------------------------------------------------16 ) Controls Practice provide guidance

a)
b)
c)
d)

the hierarchy of control responsibilities

how to use detail controls objectives
why controls are needed and how to implement them
the importance control activities and tasks

-------------------------------------------------------------------------------17 ) Which of the following framework is more used for Capability Maturity Model
related to software development?
a)
b)
c)
d)

COSO
ITIL
CMM
COBIT

-------------------------------------------------------------------------------18 ) Which of the following IT Process help to assure that service providers are meeting
business requirements?
a)
b)
c)
d)

DS1 Define and Manage Service Levels

DS3 Manage Performance and Capacity
DS2 Manage Third-party Services
AI4 Enable Operation and Use

-------------------------------------------------------------------------------19 ) Which of the following is an IT resource identified in COBIT?

a)
b)
c)
d)

Data Base System

Network
Information
Servers

--------------------------------------------------------------------------------

20 ) Which of the following is an IT Governance Concern of a trading partner?

a)
b)
c)
d)

System changes are not made without the partner approval

The IT systems are based on the latest technology
The IT operation is cost effective and efficient
Confidential company information is not given to competitor

-------------------------------------------------------------------------------21 ) ISO 17799 provides the detailed how to do it for:

a)
b)
c)
d)

service quality
service delivery
project management
information security management

-------------------------------------------------------------------------------22 ) Which COBIT IT Resource can be defined as being hardware, operation systems,
database management systems, networking and environment?
a) Software
b) Infrastructure
c) Systems
-------------------------------------------------------------------------------23 ) Where in COBIT are resources found to help obtain, evaluate, assess and
substantiate?
a)
b)
c)
d)

Framework
Control Objectives
Management Guidelines
Audit Guidelines

-------------------------------------------------------------------------------24 ) Which of the following is a state in the generic audit process defined in the Audit
Guidelines?
a)
b)
c)
d)

Evaluation
Identifying Users
Defining Approaches
Measuring Performance

--------------------------------------------------------------------------------

25 ) When a process is informal and reactive what is the level of maturity?

a)
b)
c)
d)

Level 1 - Initial
Level 2 - Repeatable
Level 3 - Defined
Level 4 - Managed

-------------------------------------------------------------------------------26 ) COBIT is compatible with others standards because it:

a)
b)
c)
d)

Covers IT controls
can be used as project management guide
is positioned centrally at the general level
doesnt have any reference to others standards

-------------------------------------------------------------------------------27 ) Which of the following is a security requirement within the COBIT Information
Criteria?
a)
b)
c)
d)

Time
Effectiveness
Integrity
Quality

-------------------------------------------------------------------------------28 ) Which COBIT product provides updated information about COBIT?

a)
b)
c)
d)

COBIT Framework
COBIT Implementation tools
COBIT Online
COBIT Resources

-------------------------------------------------------------------------------29 ) Which of the following is a characteristic of a control framework?

a)
b)
c)
d)

Process orientation
People orientation
Technology orientation
Resources orientation

--------------------------------------------------------------------------------

30 ) Key Goal Indicators (KGIs) measure:

a)
b)
c)
d)

how well the business uses IT

The achievement of objectives
process performance
the effectivenss of users of IT services

-------------------------------------------------------------------------------31 ) The Information Critereia concerned with the protection of information from
unauthorized disclosure is:
a)
b)
c)
d)

Compliance
Reliability
Availability
Confidentiality

-------------------------------------------------------------------------------32 ) In DS2 - Manage Third-party Services an ongoing program that identify and
institutionalize best practices indicates which level of maturity?
a)
b)
c)
d)

Level 2- Repeatable
Level 3- Defined
Level 4- Managed
Level 5- Optimised

-------------------------------------------------------------------------------33 ) Which of the following is included as a component part of the COBIT mission?
a)
b)
c)
d)

Provide consulting and implementation services

Produce an ISO standard
Certify companies and products
Develop internationally accepted control objectives

-------------------------------------------------------------------------------34 ) What is the high-level objective concerned to to maintain the integrity of

information and protect IT assets requires a security management process?
a)
b)
c)
d)

DS5 Ensure Systems Security

DS12 Manage the Physical Environment
PO9 Assess and Manage IT Risks
AI7 Install and Accredit Solutions and Changes

--------------------------------------------------------------------------------

35 ) What is the high-level objective concerned to management of all IT projects?

a)
b)
c)
d)

PO1 Define a Strategic IT Plan

PO4 Define the IT Processes, Organisation and Relationships
PO5 Manage the IT Investment
PO10 Manage Projects

-------------------------------------------------------------------------------36 ) What is the high-level objective that is related to production of documentation and
manuals for users?
a)
b)
c)
d)

AI1 Identify Automated Solutions

DS7 Educate and Train Users
DS8 Manage Service Desk and Incidents
AI4 Enable Operation and Use

-------------------------------------------------------------------------------37 ) Which of the following is a IT Key Goal Indicators?

a)
b)
c)
d)

# of formal SLA review meetings with business per year

% of service levels reported
% of service levels reported in an automated way
% of business stakeholders satisfied that service delivery meets agreed-upon
levels

-------------------------------------------------------------------------------38 ) Which of the following is a Key Performance Indicators?

a)
b)
c)
d)

% of projects on time, on budget

% of projects meeting stakeholder expectations
% of stakeholders participating in projects (involvement index)
% of projects in annual IT plan subject to feasibility study

-------------------------------------------------------------------------------39 ) The COBIT Framework links:

a)
b)
c)
d)

managements IT expectations to managements IT responsibilities

audits IT expectations to managements IT expectations
managements IT expectations to audits IT responsibilities
managements IT expectations to business management responsibilities

--------------------------------------------------------------------------------

40 ) COBIT Framework can be used only in large organizations

a) True
b) False

RESPOSTAS
1. a
6. b
11. b
16. c
21. d
26. c
31. d
36. a

2. c
7. d
12. d
17. c
22. b
27. c
32. d
37. d

3. b
8. c
13. d
18. c
23. d
28. c
33. d
38. c

4. d
9. b
14. a
19. c
24. a
29. a
34. a
39. a

5. d
10. a
15. d
20. a
25. a
30. b
35. d
40. b