Isaca Cobit 2019 Cobit 2019 Foundation

1. What is the primary purpose of COBIT 2019?

To provide a framework for IT governance and management

To replace all existing IT frameworks

To focus solely on IT security

To provide hardware recommendations

2. Which component is NOT part of the COBIT 2019 framework?

ITIL service practices

Governance system principles

Performance management

Governance and management objectives

3. What is a key benefit of using COBIT 2019?

Improved alignment of IT with business objectives

Reduced software development time

Hardware lifecycle management

Enforcement of legal regulations

4. Which domain focuses on ensuring stakeholder value is optimized?

Evaluate, Direct, and Monitor (EDM)

Align, Plan, and Organize (APO)

Deliver, Service, and Support (DSS)

Build, Acquire, and Implement (BAI)

5. What type of framework is COBIT 2019 classified as?

IT governance and management framework

Project management framework

Security policy framework

Application development framework

6. Which COBIT 2019 component addresses the organizational structures?

Governance system components

Framework core

Risk management

Performance model

7. What is the role of performance management in COBIT 2019?

To monitor and evaluate governance processes

To enforce compliance policies

To develop new IT applications

To provide hardware specifications

8. Which principle emphasizes the need to tailor COBIT 2019 to an organization’s needs?

Governance customization

Framework adaptation

Agile methodology

Digital transformation

9. Which document in COBIT 2019 provides implementation guidance?

COBIT Implementation Guide

Governance Model Overview

Performance Metrics Handbook

ITIL Framework

10. What does the acronym COBIT stand for?

Control Objectives for Information and Related Technologies

Corporate Objectives for Business and IT

Centralized Operations for Business IT

Compliance and Oversight for Business IT

11. Which framework is COBIT 2019 compatible with?

ITIL and ISO/IEC 27001

PMBOK only

PRINCE2 only

None of the above

12. Which governance objective in COBIT 2019 is about managing risks?

APO12

DSS01

EDM02

BAI03

13. Which domain deals with IT operations and service delivery?

Deliver, Service, and Support (DSS)

Evaluate, Direct, and Monitor (EDM)

Build, Acquire, and Implement (BAI)

Align, Plan, and Organize (APO)

14. What is the purpose of governance in COBIT 2019?

To ensure stakeholders’ objectives are achieved

To monitor hardware performance

To define software specifications

To enforce IT policies

15. What does COBIT 2019 promote in terms of value delivery?

Optimized resource use and benefit realization

Quick software implementation

Hardware maintenance

Data encryption

16. Which component provides a detailed description of governance objectives?

COBIT Core Model

Performance Metrics Handbook

Risk Management Guide

IT Policy Manual

17. Which COBIT 2019 domain covers strategic decision-making?

Evaluate, Direct, and Monitor (EDM)

Deliver, Service, and Support (DSS)

Build, Acquire, and Implement (BAI)

Align, Plan, and Organize (APO)

18. Which COBIT 2019 publication focuses on governance implementation?

COBIT Design Guide

COBIT Core

ITIL Handbook

ISO/IEC 27001 Guide

19. Which component supports aligning IT with business strategy?

Governance and Management Objectives

Service Level Agreements

Risk Assessments

Data Encryption Policies

20. What is a primary focus of COBIT 2019?

Enabling value creation through effective governance

Reducing software errors

Improving data encryption

Managing physical infrastructure

21. Which COBIT 2019 domain includes objectives related to risk management?

Align, Plan, and Organize (APO)

Build, Acquire, and Implement (BAI)

Monitor, Evaluate, and Assess (MEA)

Deliver, Service, and Support (DSS)

22. What is the purpose of the **Evaluate, Direct, and Monitor (EDM)** domain?

Ensure governance oversight and stakeholder value

Manage IT operations

Implement new systems

Develop software

23. Which objective ensures IT investments align with business priorities?

APO05 (Manage Portfolio)

BAI02 (Manage Requirements)

DSS06 (Manage Business Process Controls)

EDM03 (Ensure Risk Optimization)

24. Which domain includes **BAI06 (Manage Changes)**?

Build, Acquire, and Implement

Deliver, Service, and Support

Align, Plan, and Organize

Monitor, Evaluate, and Assess

25. What does **DSS02 (Manage Service Requests and Incidents)** focus on?

IT service delivery and support

Strategic planning

Risk assessment

Software development

26. Which objective ensures compliance with laws and regulations?

APO03 (Manage Enterprise Architecture)

BAI09 (Manage Assets)

DSS05 (Manage Security Services)

MEA02 (Monitor and Evaluate Compliance)

27. Which domain includes **EDM02 (Ensure Benefits Delivery)**?

Evaluate, Direct, and Monitor

Align, Plan, and Organize

Deliver, Service, and Support

Build, Acquire, and Implement

28. What is the focus of **APO13 (Manage Security)**?

Information security governance

Hardware procurement

Software licensing

Data center cooling

29. Which objective ensures IT resources are used optimally?

APO12 (Manage Risk)

BAI04 (Manage Availability and Capacity)

DSS03 (Manage Problems)

EDM01 (Ensure Governance Framework)

30. Which domain includes **MEA01 (Monitor and Evaluate Performance)**?

Monitor, Evaluate, and Assess

Align, Plan, and Organize

Deliver, Service, and Support

Build, Acquire, and Implement

31. How many governance system principles does COBIT 2019 define?

6

5

4

7

32. Which principle emphasizes stakeholder needs?

Provide Stakeholder Value

Holistic Approach

Dynamic Governance System

End-to-End Governance

33. What does the **Holistic Approach** principle ensure?

All governance components are interconnected

IT security is prioritized

Budgets are minimized

Only critical systems are monitored

34. Which principle requires adapting governance to organizational context?

Tailored Governance System

Dynamic Governance System

Integrated Governance Approach

Stakeholder-Centric Governance

35. What is the focus of the **End-to-End Governance** principle?

Coverage across all organizational layers

Focus on IT operations only

Exclude third-party vendors

Limit governance to executive level

36. Which principle ensures governance evolves with business needs?

Dynamic Governance System

Static Governance Framework

Fixed Governance Model

Regulatory Compliance Focus

37. What are the four performance management categories in COBIT 2019?

Outcomes, Enablers, Goals, Metrics

Risks, Controls, Audits, Reports

Inputs, Processes, Outputs, Feedback

Strategy, Tactics, Operations, Compliance

38. Which metric measures the efficiency of IT processes?

Process Cycle Time

Number of Incidents

Budget Variance

Employee Satisfaction

39. What is the purpose of **Leading Indicators** in performance management?

Predict future performance

Audit past activities

Document compliance

Track hardware failures

40. Which dimension of the COBIT performance model assesses skills and culture?

People, Skills, and Competencies

Processes

Information

Services and Infrastructure

41. What does **Lagging Indicators** measure?

Historical performance

Future risks

Employee training needs

Software development speed

42. How many design factors does COBIT 2019 identify for tailoring governance?

11

8

5

15

43. Which design factor assesses organizational size and complexity?

Enterprise Strategy

Risk Profile

Enterprise Size

Regulatory Requirements

44. What is the impact of the **Risk Profile** design factor?

Determines risk management focus

Defines IT budget

Sets employee count

Chooses software vendors

45. Which design factor aligns governance with industry standards?

Compliance Requirements

Technology Adoption

Enterprise Culture

Role of IT

46. What is the first step in the COBIT 2019 implementation lifecycle?

Understand Context and Needs

Define Governance Framework

Implement Improvements

Monitor and Evaluate

47. Which guide provides a roadmap for COBIT adoption?

COBIT Implementation Guide

COBIT Core Model

Design Guide

Performance Management Guide

48. What is the purpose of a **Pain Point Analysis** in implementation?

Identify critical governance gaps

Audit financial statements

Train employees

Select software tools

49. Which focus area addresses digital transformation?

Digital and Technology

Risk Management

Information Security

Regulatory Compliance

50. What does the **Small and Medium Enterprises** focus area provide?

Tailored guidance for smaller organizations

Hardware specifications

Cloud migration strategies

Global compliance standards

51. Which publication provides detailed process descriptions?

COBIT Core Model

Implementation Guide

Design Guide

Performance Management Guide

52. What is the role of **Enablers** in COBIT 2019?

Factors that support governance objectives

Security controls

Audit checklists

Budget templates

53. Which component ensures governance is measurable?

Performance Management

Design Factors

Focus Areas

Implementation Guide

54. What does **EDM01 (Ensure Governance Framework)** address?

Establishing governance structures

Managing IT incidents

Developing software

Procuring hardware

55. Which domain includes **APO07 (Manage Human Resources)**?

Align, Plan, and Organize

Build, Acquire, and Implement

Deliver, Service, and Support

Monitor, Evaluate, and Assess

56. What is the output of the **Design Guide**?

Tailored governance system

Risk assessment report

Software prototype

Budget forecast

57. Which principle ensures governance covers all IT processes?

End-to-End Governance

Dynamic Governance System

Tailored Governance System

Holistic Approach

58. Which design factor influences cloud adoption strategies?

Technology Adoption

Enterprise Size

Regulatory Requirements

Risk Profile

59. Which focus area is relevant for GDPR compliance?

Regulatory Compliance

Digital and Technology

Small and Medium Enterprises

Risk Management

60. What is the final step in the COBIT implementation lifecycle?

Monitor and Evaluate

Define Governance Framework

Implement Improvements

Understand Context and Needs

61. Which COBIT component describes the organizational structures needed for governance?

Governance and Management Objectives

Process Descriptions

Organizational Structures

Culture and Ethics

62. What is the purpose of the COBIT Performance Management component?

To define how governance is measured and monitored

To implement IT security controls

To develop software applications

To manage hardware procurement

63. Which enabler category includes policies and procedures?

Processes

Organizational Structures

Culture and Ethics

Principles, Policies and Frameworks

64. What does the 'Balanced Scorecard' approach measure in COBIT?

Performance across multiple dimensions

Financial metrics only

Employee satisfaction

Hardware utilization

65. Which domain would address the management of IT-related risks?

APO12 (Manage Risk)

BAI06 (Manage Changes)

DSS03 (Manage Problems)

MEA01 (Monitor Performance)

66. What is the primary output of the 'Direct' activity in EDM?

Strategic decisions and directives

Operational reports

Risk assessments

Project plans

67. Which design factor considers the organization's approach to risk taking?

Risk Appetite

Enterprise Strategy

Regulatory Requirements

Technology Adoption

68. What does the 'Monitor' activity in EDM ensure?

Governance system remains effective

Daily operations run smoothly

Projects are completed on time

Budgets are strictly followed

69. Which APO process ensures IT investments align with business needs?

APO05 (Manage Portfolio)

APO02 (Manage Strategy)

APO07 (Manage HR)

APO13 (Manage Security)

70. What is the purpose of the 'Service Level Agreements' enabler?

Define expected service quality

Document security policies

Track employee performance

Manage software licenses

71. Which BAI process ensures changes are properly controlled?

BAI06 (Manage Changes)

BAI02 (Manage Requirements)

BAI09 (Manage Assets)

BAI04 (Manage Availability)

72. What does the 'Information' enabler category include?

Data required for decision making

IT infrastructure components

Organizational charts

Employee training materials

73. Which DSS process handles security incidents?

DSS05 (Manage Security Services)

DSS02 (Manage Service Requests)

DSS06 (Manage Business Controls)

DSS04 (Manage Continuity)

74. What is the purpose of capability levels in COBIT?

Assess process maturity

Measure employee performance

Evaluate hardware quality

Determine software licensing needs

75. Which MEA process evaluates compliance with policies?

MEA02 (Monitor Compliance)

MEA01 (Monitor Performance)

MEA03 (Monitor System)

MEA04 (Monitor Controls)

76. What does the 'Culture and Ethics' enabler address?

Organizational behavior and values

Physical work environment

Dress code policies

Office location strategy

77. Which design factor considers the organization's industry sector?

Industry Factors

Enterprise Size

Risk Profile

Technology Adoption

78. What is the purpose of the COBIT Goals Cascade?

Align enterprise goals with IT goals

Prioritize software projects

Allocate budgets

Schedule employee training

79. Which APO process manages relationships with stakeholders?

APO06 (Manage Budget)

APO08 (Manage Relationships)

APO10 (Manage Vendors)

APO12 (Manage Risk)

80. What does the 'Services, Infrastructure and Applications' enabler include?

IT infrastructure and business applications

Office buildings

Company vehicles

Employee benefits

81. Which DSS process ensures business continuity?

DSS04 (Manage Continuity)

DSS01 (Manage Operations)

DSS03 (Manage Problems)

DSS06 (Manage Controls)

82. What is the purpose of the 'Monitor, Evaluate and Assess (MEA)' domain?

Ensure governance system effectiveness

Develop new IT systems

Manage daily operations

Implement security controls

83. Which design factor considers the organization's growth plans?

Enterprise Strategy

Risk Profile

Compliance Requirements

Technology Adoption

84. What does the 'People, Skills and Competencies' enabler address?

Human resources capabilities

Physical assets

Financial resources

Intellectual property

85. Which BAI process manages quality requirements?

BAI03 (Manage Solutions)

BAI05 (Manage Quality)

BAI07 (Manage Acceptance)

BAI10 (Manage Configuration)

86. What is the purpose of the 'Evaluate' activity in EDM?

Assess governance system performance

Review employee performance

Evaluate vendor proposals

Assess market conditions

87. Which APO process manages IT budgets?

APO06 (Manage Budget)

APO03 (Manage Architecture)

APO09 (Manage Service Agreements)

APO11 (Manage Projects)

88. What does the 'Processes' enabler category include?

Structured sets of activities

Organizational charts

Physical assets

Financial reports

89. Which design factor considers the organization's geographic distribution?

Enterprise Size

Risk Profile

Enterprise Strategy

Enterprise Geography

90. What is the purpose of the 'Align, Plan and Organize (APO)' domain?

Ensure IT strategy aligns with business

Manage daily IT operations

Implement new systems

Monitor compliance

91. Which DSS process handles user requests?

DSS02 (Manage Service Requests)

DSS01 (Manage Operations)

DSS05 (Manage Security)

DSS06 (Manage Controls)

92. What does the 'Roles and Responsibilities' enabler define?

Who does what in governance

Office locations

Salary structures

Career paths

93. Which BAI process manages configuration items?

BAI10 (Manage Configuration)

BAI02 (Manage Requirements)

BAI06 (Manage Changes)

BAI09 (Manage Assets)

94. What is the purpose of the 'Build, Acquire and Implement (BAI)' domain?

Ensure solutions meet requirements

Manage strategic planning

Monitor performance

Direct investments

95. Which MEA process assesses internal controls?

MEA04 (Monitor Controls)

MEA01 (Monitor Performance)

MEA02 (Monitor Compliance)

MEA03 (Monitor System)

96. What does the 'Skills' enabler component address?

Employee capabilities

Physical abilities

Equipment functionality

Software features

97. Which design factor considers legal obligations?

Regulatory Requirements

Enterprise Strategy

Risk Profile

Technology Adoption

98. What is the purpose of the 'Deliver, Service and Support (DSS)' domain?

Ensure IT services meet requirements

Develop strategic plans

Evaluate governance

Direct investments

99. Which APO process manages enterprise architecture?

APO03 (Manage Architecture)

APO02 (Manage Strategy)

APO04 (Manage Innovation)

APO13 (Manage Security)

100. What does the 'Competencies' enabler component address?

Organizational capabilities

Individual qualifications

Technical specifications

Performance metrics

101. Which BAI process manages testing activities?

BAI07 (Manage Acceptance)

BAI03 (Manage Solutions)

BAI05 (Manage Quality)

BAI08 (Manage Knowledge)

102. What is the purpose of the 'Monitor' activity in EDM?

Assess governance system effectiveness

Track employee attendance

Monitor network performance

Watch security cameras

103. Which design factor considers the organization's technology roadmap?

Technology Adoption

Enterprise Strategy

Risk Profile

Compliance Requirements

104. What does the 'Governance and Management Objectives' component provide?

Structured set of governance requirements

Employee performance reviews

Financial statements

Marketing plans

105. Which DSS process manages IT operations?

DSS01 (Manage Operations)

DSS02 (Manage Service Requests)

DSS03 (Manage Problems)

DSS04 (Manage Continuity)

106. What is the purpose of the 'Direct' activity in EDM?

Make strategic decisions

Manage daily operations

Implement projects

Monitor compliance

107. Which APO process manages security strategies?

APO13 (Manage Security)

APO12 (Manage Risk)

APO07 (Manage HR)

APO09 (Manage Agreements)

108. What does the 'Principles' enabler component define?

Fundamental beliefs guiding governance

Mathematical formulas

Physical laws

Software algorithms

109. Which BAI process manages project portfolios?

BAI01 (Manage Programs)

BAI02 (Manage Requirements)

BAI04 (Manage Availability)

BAI06 (Manage Changes)

110. What is the purpose of the 'Evaluate' activity in EDM?

Assess governance performance

Evaluate employee performance

Assess vendor proposals

Review financial statements

111. Which design factor considers the organization's tolerance for risk?

Risk Appetite

Enterprise Strategy

Technology Adoption

Compliance Requirements

112. What does the 'Policies' enabler component establish?

Rules for decision making

Office locations

Salary scales

Product pricing

113. Which MEA process evaluates system operations?

MEA03 (Monitor System)

MEA01 (Monitor Performance)

MEA02 (Monitor Compliance)

MEA04 (Monitor Controls)

114. What is the purpose of the 'Align, Plan and Organize (APO)' domain?

Ensure IT supports business objectives

Manage daily operations

Implement new systems

Monitor security

115. Which DSS process manages problem resolution?

DSS03 (Manage Problems)

DSS01 (Manage Operations)

DSS05 (Manage Security)

DSS06 (Manage Controls)

116. What does the 'Frameworks' enabler component provide?

Structures for organizing governance

Physical building frames

Software architectures

Financial models

117. Which BAI process manages knowledge transfer?

BAI08 (Manage Knowledge)

BAI02 (Manage Requirements)

BAI05 (Manage Quality)

BAI09 (Manage Assets)

118. What is the purpose of the 'Monitor, Evaluate and Assess (MEA)' domain?

Ensure governance remains effective

Develop new systems

Manage operations

Implement security

119. Which design factor considers the organization's competitive environment?

Enterprise Strategy

Industry Factors

Risk Profile

Technology Adoption

120. What does the 'Organizational Structures' enabler define?

Decision-making hierarchies

Physical office layouts

Financial structures

Product architectures

121. Which APO process manages innovation initiatives?

APO04 (Manage Innovation)

APO02 (Manage Strategy)

APO05 (Manage Portfolio)

APO10 (Manage Vendors)

122. What is the purpose of the 'Build, Acquire and Implement (BAI)' domain?

Ensure solutions meet business needs

Develop strategic plans

Monitor performance

Direct investments

123. Which DSS process manages business process controls?

DSS06 (Manage Controls)

DSS02 (Manage Requests)

DSS04 (Manage Continuity)

DSS05 (Manage Security)

124. What does the 'Culture' enabler component influence?

Organizational behavior

Office decor

Dress code

Physical fitness

125. Which design factor considers the organization's compliance obligations?

Regulatory Requirements

Enterprise Strategy

Risk Profile

Technology Adoption

126. What is the purpose of the 'Evaluate, Direct and Monitor (EDM)' domain?

Ensure governance framework effectiveness

Manage IT operations

Implement new systems

Develop software

127. Which BAI process manages solution identification?

BAI03 (Manage Solutions)

BAI01 (Manage Programs)

BAI05 (Manage Quality)

BAI07 (Manage Acceptance)

128. What does the 'Ethics' enabler component establish?

Moral principles for decision making

Legal requirements

Financial rules

Technical standards

129. Which APO process manages vendor relationships?

APO10 (Manage Vendors)

APO08 (Manage Relationships)

APO12 (Manage Risk)

APO13 (Manage Security)

130. What is the purpose of the 'Deliver, Service and Support (DSS)' domain?

Ensure service delivery meets requirements

Develop strategic plans

Evaluate governance

Direct investments

131. Which MEA process monitors overall performance?

MEA01 (Monitor Performance)

MEA02 (Monitor Compliance)

MEA03 (Monitor System)

MEA04 (Monitor Controls)

132. What does the 'Information' enabler category include?

Data needed for decision making

IT infrastructure

Organizational charts

Employee records

133. Which design factor considers the organization's technology investments?

Technology Adoption

Enterprise Strategy

Risk Profile

Compliance Requirements

134. What is the purpose of the 'Build, Acquire and Implement (BAI)' domain?

Ensure solutions are properly implemented

Develop strategic plans

Monitor performance

Direct investments

135. Which APO process manages project portfolios?

APO05 (Manage Portfolio)

APO11 (Manage Projects)

APO06 (Manage Budget)

APO09 (Manage Agreements)

136. What does the 'Services' enabler component include?

IT services provided to the business

Employee benefits

Customer support

Financial services

137. Which BAI process manages asset lifecycles?

BAI09 (Manage Assets)

BAI02 (Manage Requirements)

BAI04 (Manage Availability)

BAI06 (Manage Changes)

138. What is the purpose of the 'Monitor, Evaluate and Assess (MEA)' domain?

Ensure continuous governance improvement

Develop new systems

Manage operations

Implement security

139. Which design factor considers the organization's legal environment?

Regulatory Requirements

Enterprise Strategy

Risk Profile

Technology Adoption

140. What does the 'Infrastructure' enabler component include?

Physical technology components

Office buildings

Transportation systems

Utility networks

141. Which APO process manages IT strategy?

APO02 (Manage Strategy)

APO01 (Manage Framework)

APO03 (Manage Architecture)

APO04 (Manage Innovation)

142. What is the purpose of the 'Evaluate, Direct and Monitor (EDM)' domain?

Ensure effective governance oversight

Manage IT operations

Implement new systems

Develop software

143. Which DSS process manages security services?

DSS05 (Manage Security)

DSS01 (Manage Operations)

DSS03 (Manage Problems)

DSS06 (Manage Controls)

144. What does the 'Applications' enabler component include?

Business software systems

Job applications

Grant proposals

Patent filings

145. Which design factor considers the organization's workforce distribution?

Enterprise Geography

Enterprise Size

Risk Profile

Technology Adoption

146. What is the purpose of the 'Align, Plan and Organize (APO)' domain?

Ensure IT aligns with business strategy

Manage daily operations

Implement new systems

Monitor security

147. Which BAI process manages requirements definition?

BAI02 (Manage Requirements)

BAI01 (Manage Programs)

BAI03 (Manage Solutions)

BAI05 (Manage Quality)

148. What does the 'People' enabler component address?

Human resources in the organization

Customer demographics

Population statistics

Community relations

149. Which MEA process evaluates system controls?

MEA04 (Monitor Controls)

MEA01 (Monitor Performance)

MEA02 (Monitor Compliance)

MEA03 (Monitor System)

150. What is the purpose of the COBIT Performance Management component?

Measure and monitor governance effectiveness

Track employee performance

Evaluate vendor performance

Measure customer satisfaction

Isaca Cobit 2019 Cobit 2019 Foundation Practice Test - Set 1

Exam Information

Support

Legal

Company

Connect With Us