















































































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
A practice exam focused on the cobit 5 it governance framework. It includes multiple-choice questions covering key concepts such as the five cobit 5 principles, enablers, governance objectives, and the goals cascade. Each question is followed by a detailed explanation of the correct answer, making it a valuable resource for students and professionals preparing for cobit 5 certification or seeking to deepen their understanding of it governance best practices. The exam covers topics such as process capability assessment, implementation lifecycle phases, and the relationship between principles and enablers. It also addresses common challenges in cobit 5 implementation and alignment with other frameworks like itil.
Typology: Exams
1 / 87
This page cannot be seen from the preview
Don't miss anything!
















































































Question 1. Which of the following is one of the five COBIT 5 principles? A) Focus on technology solutions B) Meet stakeholder needs C) Centralize decision‑making D) Prioritize cost reduction Answer: B Explanation: The principle “Meet stakeholder needs” ensures that governance decisions are aligned with the expectations of all interested parties. Question 2. In COBIT 5, which enabler deals with the way people understand and act on ethical issues? A) Processes B) Culture, ethics and behavior C) Information D) Organizational structures Answer: B Explanation: “Culture, ethics and behavior” is an enabler that shapes organizational attitudes toward ethical conduct and responsible behavior. Question 3. The governance objective “Evaluate, Direct, Monitor” (EDM) belongs to which domain? A) Governance B) Management C) Process D) Capability Answer: A
Explanation: EDM is the core set of governance activities that sit at the top of the COBIT 5 framework. Question 4. Which process domain includes the activity “Plan and Organize” (APO)? A) Build, Acquire, and Implement (BAI) B) Deliver, Service and Support (DSS) C) Monitor, Evaluate and Assess (MEA) D) Align, Plan and Organize (APO) Answer: D Explanation: APO is the first of the four management domains and focuses on planning and organizing IT resources. Question 5. In the Goals Cascade, which level directly translates stakeholder needs into enterprise goals? A) IT‑related goals B) Enabler goals C) Enterprise goals D) Process goals Answer: C Explanation: The cascade moves from stakeholder needs → enterprise goals → IT‑related goals → enabler goals. Question 6. Which of the following is a typical driver for initiating a COBIT 5 implementation? A) Desire to increase marketing spend B) External regulatory compliance pressure C) Preference for a single‑vendor solution
B) Conduct a current state assessment C) Deploy new technology solutions D) Celebrate project completion Answer: B Explanation: Phase 2 focuses on assessing the current governance maturity and identifying gaps. Question 10. In the Process Capability Assessment Model (PAM), Level 3 indicates that a process is: A) Incomplete B) Performed C) Managed D) Established Answer: D Explanation: Level 3 (Established) means the process is defined, standardized, and well‑documented. Question 11. Which of the following is NOT one of the nine Process Attributes (PA) in COBIT 5 PAM? A) PA 1.1 – Process Performance B) PA 2.2 – Process Management C) PA 3.3 – Process Control D) PA 4.1 – Process Measurement Answer: C Explanation: PA 3.3 does not exist; the correct attributes are PA 3.1 – Process Governance, PA 3.2 – Process Management, etc.
Question 12. Which rating scale term indicates that a process attribute is fully meeting its objective? A) Not Achieved B) Partially Achieved C) Largely Achieved D) Fully Achieved Answer: D Explanation: “Fully Achieved” is the highest rating in the PAM scale. Question 13. A common obstacle that can cause scope creep during a COBIT 5 implementation is: A) Excessive executive sponsorship B) Clear, documented objectives C) Uncontrolled addition of new processes D) Strong change‑management plan Answer: C Explanation: Adding new processes or requirements without proper control expands the project scope unintentionally. Question 14. Which framework is most closely aligned with COBIT 5’s focus on service delivery? A) ITIL B) TOGAF C) ISO 9001 D) PRINCE Answer: A
D) Organizational Structures Answer: C Explanation: This enabler specifically addresses the human capital required for effective governance. Question 18. In the Goals Cascade, which level translates IT‑related goals into Enabler goals? A) Stakeholder needs B) Enterprise goals C) IT‑related goals D) Enabler goals Answer: D Explanation: Enabler goals are derived from IT‑related goals to guide the configuration of enablers. Question 19. What does the “Monitor, Evaluate and Assess” (MEA) domain focus on? A) Designing new IT solutions B) Measuring performance and compliance C) Defining governance policies D) Managing vendor contracts Answer: B Explanation: MEA provides the mechanisms for monitoring, evaluating, and assessing governance outcomes. Question 20. Which capability level indicates that a process can predict its outcomes? A) Level 2 – Managed
B) Level 3 – Established C) Level 4 – Predictable D) Level 5 – Optimizing Answer: C Explanation: Level 4 (Predictable) means the process’s performance is measured and can be forecasted. Question 21. Which of the following best describes the relationship between COBIT 5 principles and enablers? A) Principles are optional; enablers are mandatory. B) Principles guide the design of enablers. C) Enablers replace the need for principles. D) Principles are only for governance, not management. Answer: B Explanation: The principles provide the overarching philosophy, while enablers are the mechanisms that realize those principles. Question 22. In Phase 5 (“How Do We Get There?”) which activity is essential for overcoming resistance? A) Conducting a final audit B) Communicating benefits and training users C) Defining enterprise goals D) Assessing current capability levels Answer: B Explanation: Effective communication and training are key to managing change resistance during implementation.
Explanation: “Ensure information security” is an IT‑related goal that can be mapped to specific COBIT processes. Question 26. Which enabler provides the “data” needed for decision‑making in governance? A) People, Skills and Competencies B) Information C) Organizational Structures D) Culture, Ethics and Behavior Answer: B Explanation: The “Information” enabler supplies the accurate data required for governance decisions. Question 27. A “process capability level of 0” indicates that the process is: A) Fully optimized B) Incomplete or not performed C) Managed but not measured D) Established with documented procedures Answer: B Explanation: Level 0 means the process is incomplete or not performed at all. Question 28. Which of the following is an example of a “Governance” activity rather than a “Management” activity? A) Running daily IT operations B) Developing a project plan C) Directing IT investment decisions
D) Configuring a server Answer: C Explanation: Directing IT investment aligns with governance (EDM) rather than day‑to‑day management. Question 29. In COBIT 5, which principle ensures that governance covers the whole enterprise and not just IT? A) Cover the enterprise end‑to‑end B) Separate governance from management C) Meet stakeholder needs D) Enable a holistic approach Answer: A Explanation: “Cover the enterprise end‑to‑end” mandates governance to span all business processes, not just IT. Question 30. Which of the following actions is part of Phase 1 (“What Are the Drivers?”)? A) Conducting a detailed risk assessment B) Identifying and prioritizing enterprise drivers and pain points C) Designing new organizational structures D) Implementing a new service desk tool Answer: B Explanation: Phase 1 focuses on discovering why governance improvement is needed. Question 31. Which of the following best describes a “process attribute” in the PAM model? A) A metric used for financial reporting
Question 34. How does COBIT 5 integrate with ISO 27001? A) COBIT 5 replaces ISO 27001 entirely. B) COBIT 5 provides governance while ISO 27001 focuses on information security controls. C) ISO 27001 is a subset of COBIT 5 processes. D) They are mutually exclusive frameworks. Answer: B Explanation: COBIT 5 governs the overall IT function, while ISO 27001 delivers detailed security controls. Question 35. Which of the following is an example of an “Enterprise Goal” in the Goals Cascade? A) Ensure regulatory compliance B) Increase stakeholder value C) Optimize IT service availability D) Reduce data center energy consumption Answer: B Explanation: “Increase stakeholder value” is a high‑level business objective that drives downstream IT‑related goals. Question 36. In the context of COBIT 5, what does “separating governance from management” mean? A) Governance and management should be performed by the same individuals. B) Governance activities are performed by the board, while management activities are performed by operational staff. C) Governance focuses on financial reporting only. D) Management decides on strategic direction. Answer: B
Explanation: Governance (EDM) is the board’s responsibility, while management (APO, BAI, DSS, MEA) handles day‑to‑day execution. Question 37. Which of the following best illustrates a “process capability improvement” activity? A) Purchasing new hardware B) Conducting a stakeholder satisfaction survey C) Defining measurable performance indicators for a process D) Updating the corporate logo Answer: C Explanation: Establishing performance indicators helps move a process to a higher capability level. Question 38. Which phase of the COBIT 5 Implementation Lifecycle includes the creation of a business case? A) Phase 2 – Current State Assessment B) Phase 3 – Target State Definition C) Phase 4 – Planning and Design D) Phase 5 – Implementation Answer: B Explanation: In Phase 3, the organization defines the target state and builds a business case to justify the investment. Question 39. What is the purpose of a “RACI chart” in COBIT 5 implementations? A) To allocate budget across projects B) To map responsibilities for each activity C) To assess process maturity levels
C) Completed implementation roadmap D) Post‑implementation review report Answer: B Explanation: Phase 4 uses the drivers, gaps, and target state information to design the solution. Question 43. Which enabler would you primarily modify to improve “knowledge sharing across the organization”? A) Processes B) Information C) Organizational Structures D) Culture, Ethics and Behavior Answer: B Explanation: Enhancing the “Information” enabler ensures that knowledge is captured, stored, and disseminated effectively. Question 44. Which of the following statements about “Stakeholder Needs” in the Goals Cascade is true? A) They are derived from IT‑related goals. B) They are the starting point for the cascade. C) They are optional and can be omitted. D) They are the same as enterprise goals. Answer: B Explanation: Stakeholder needs are identified first and drive the rest of the cascade. Question 45. What does the “Predictable” capability level (Level 4) require in terms of measurement?
A) No measurement is needed. B) Ad‑hoc measurements for occasional issues. C) Systematic measurement and statistical analysis of process performance. D) Only qualitative feedback from users. Answer: C Explanation: Level 4 demands systematic, quantitative measurement to predict outcomes. Question 46. Which of the following is an example of a “Management” objective in COBIT 5? A) Direct IT investment decisions B) Monitor compliance with external regulations C) Build, Acquire, and Implement new services (BAI) D) Evaluate the effectiveness of governance structures Answer: C Explanation: BAI is a management domain focused on planning and execution of IT solutions. Question 47. In Phase 7 (“Continuous Improvement”), which activity helps keep momentum? A) Closing all project documentation B) Establishing an ongoing Governance Programme C) Disbanding the implementation team D) Freezing all future changes Answer: B Explanation: An ongoing Governance Programme institutionalizes continuous monitoring and improvement.
Explanation: TOGAF provides enterprise architecture guidance, which aligns with COBIT 5’s governance of IT resources. Question 51. Which of the following is a typical output of Phase 3 (Target State Definition)? A) Detailed implementation schedule B) List of current process capability levels C) Defined target capability levels for selected processes D) Final audit report of governance effectiveness Answer: C Explanation: Phase 3 establishes the desired future capability levels for the chosen processes. Question 52. In COBIT 5, which enabler is most directly related to “roles and responsibilities”? A) Culture, Ethics and Behavior B) Organizational Structures C) Information D) Processes Answer: B Explanation: Organizational structures define reporting lines, roles, and responsibilities. Question 53. Which of the following statements about “Change Enablement” in COBIT 5 is correct? A) It is optional and only needed for large projects. B) It focuses solely on technology upgrades. C) It includes principles for managing resistance and building momentum. D) It replaces the need for a RACI chart.
Answer: C Explanation: Change enablement addresses resistance, communication, and sustaining momentum throughout the implementation. Question 54. Which process domain includes activities such as “Incident Management” and “Problem Management”? A) Align, Plan and Organize (APO) B) Build, Acquire, and Implement (BAI) C) Deliver, Service and Support (DSS) D) Monitor, Evaluate and Assess (MEA) Answer: C Explanation: DSS covers service delivery, including incident and problem management. Question 55. Which of the following is NOT a typical driver for IT governance improvement? A) Internal pain points such as frequent outages B) External regulatory changes C) Desire to increase the number of IT projects without oversight D) Competitive pressure to improve service quality Answer: C Explanation: Increasing projects without oversight runs contrary to governance objectives. Question 56. Which of the following best describes the “Enterprise Goal” of “Enable Innovation”? A) A specific IT security control B) A high‑level business objective that can be supported by IT processes