Domain 2: Task 1

Question 1

• An IS auditor must be able to understand and provide assurance that the organization has:

Answer 1

a. Structure
b. Accountability Mechanisms
c. Monitoring Practices
d. Policies

Question 2

• For an IS auditor, the knowledge of IT governance forms the foundation for:

Answer 2

a. Evaluating Control Practices

b. Mechanisms for Management Oversight and Review

Question 3

• A goal of GEIT implementation is to provide a system in which all ____ and ____ provide input into the decision-making process.

Answer 3

a. stakeholders

b. departments

Question 4

• GEIT seeks to ensure that IT performance meets enterprise objectives by:

Answer 4

a. alignment of objectives

b. realization of benefits

Question 5

• The GEIT framework provides feedback regarding:

Answer 5

a. How IT delivers value to the enterprise

b. How IT risk is properly managed

Question 6

• The processes of GEIT implementation must include:

Answer 6

a. IT Resource Management
b. Performance Measurement
c. Compliance Management

Question 7

Summarize the objective of IT Resource Management.

Answer 7

a. focuses on maintaining updated inventory of IT resources, and
b. addresses risk management process.

Question 8

Summarize the objective of Performance Measurement.

Answer 8

a. ensures that all IT resources perform to deliver value to the enterprise.

Question 9

Summarize the areas of compliance requirements that Compliance Management addresses.

Answer 9

a. legal,
b. regulatory, and
c. contractual.

Question 10

To help business succeed, IT becomes an integral part of ____, not just merely ______

Answer 10

a. an enterprise’s strategy

b. an enabler.

Question 11

To help business succeed, strategic alignment between ____ and ____ becomes a ____, leading to the achievement of ____.

Answer 11

a. IT
b. enterprise objectives
c. critical success factor
d. business value

Question 12

The focus areas of Executive Management supporting Value Creation:

Answer 12

a. Benefits Realization,
b. Risk Optimization, and
c. Resource Optimization.

Question 13

GEIT helps the enterprise through:

Answer 13

a. incorporating and normalizing best practices. (Integrating)
b. enabling full leverage of information (Facilitating)
c. helping to form the relationships and processes used to direct and control the enterprise toward its goals, balanced with risk. (Structuring)

Question 14

Examples of GEIT frameworks are:

Answer 14

a. COBIT 5
b. ISO/IEC 27001 Series
c. ITIL
d. IT Baseline Protection Catalogs
e. Information Security Management Maturity Model (ISM3)
f. ISO/IEC 38500:2008
g. ISO/IEC 20000

Question 15

The Audit function helps the enterprise by

Answer 15

a. providing recommendations to senior management.
b. providing independent and balance reviews
c. ensuring compliance.

Question 16

• For GEIT, the Terms of Reference must address:

Answer 16

a. Scope of Work
b. Reporting Lines
c. Right of Access to information.

Question 17

Measures of GEIT for assessment are:

Answer 17

a. Enterprise Governance and GEIT alignment,
b. IT alignment with organizational mission, vision, values, objectives, and strategies;
c. achievement of performance objectives;
d. legal, environmental, information quality, fiduciary, security, and privacy requirements.
e. inherent risk in the IS environment
f. IT investment/expenditure.

Question 18

Enterprise Architecture addresses the perspectives of :

Answer 18

a. the technology

b. the business

Question 19

The reference models of the Federal Enterprise Architecture include:

Answer 19

a. Performance
b. Business
c. Service component
d. Technical
e. Data