ISACA CGEIT Certification Practice Test Set 2

Which of the following components work to support achievements of the enterprise's mission, strategies, and related business objectives in an internal control system? Each correct answer represents a complete solution. Choose all that apply


Options are :

  • Control activities
  • Strategic alignment
  • Control environment
  • Risk assessment

Answer : Control activities Control environment Risk assessment

ISACA CGEIT Certification Practice Test Set 3

You work as the project manager for Bluewell Inc. You are working on NGQQ Project for your company. You have completed the risk analysis processes for the risk events. You and the project team have created risk responses for most of the identified project risks. Which of the following risk response planning techniques will you use to shift the impact of a threat to a hird party, together with the responses?


Options are :

  • Risk avoidance
  • Risk transference
  • Risk mitigation
  • Risk acceptance

Answer : Risk transference

Which of the following ISO standards defines the corporate governance of IT?


Options are :

  • ISO 20000
  • ISO 27001
  • ISO 38500
  • ISO 9000

Answer : ISO 38500

Gary is the project manager of the MMQ project for his company. He is working with his project team to plan the risk responses for his project. Sarah, a project team member, does not understand the process that Gary is using to plan the risk responses. Which approach is the preferred method to address project risks and the risk responses?


Options are :

  • Risks in the project should be addressed by the organization's risk tolerance for creating risk responses
  • Risks in the project should be addressed by their priority for creating risk responses.
  • Risks in the project should be addressed by their probability for creating risk responses.
  • Risks in the project should be addressed by their impact for creating risk responses.

Answer : Risks in the project should be addressed by their priority for creating risk responses.

ISACA CGEIT Certification Certification Practical Test Set 1

Which of the following processes contained in the Portfolio Management domain of Val IT establishes an investment threshold?


Options are :

  • PM7
  • PM6
  • PM4
  • PM5

Answer : PM6

Which of the following processes contained in the Portfolio Management domain of Val IT identifies resource requirements?


Options are :

  • PM3
  • PM4
  • PM2
  • PM5

Answer : PM2

Which of the following activity loops describes improvement of the existing processes?


Options are :

  • Loop 1
  • Loop 2
  • Loop 3
  • Loop 4

Answer : Loop 2

ISACA CGEIT Certification Certification Practical Test Set 2

What project management plan is most likely to direct the quantitative risk analysis process for a project in a matrix environment?


Options are :

  • Risk management plan
  • Human resource management plan
  • Risk analysis plan
  • Staffing management plan

Answer : Risk management plan

Which of the following processes contained in the Value Governance domain of Val IT establishes the organizational structures?


Options are :

  • VG7
  • VG6
  • VG8
  • VG9

Answer : VG7

Which of the following domains of COBIT covers the use of information & technology, and how best it can be used in a company to help achieve the company's goals and objectives?


Options are :

  • Monitor and Evaluate
  • Acquire and Implement
  • Deliver and Support
  • Plan and Organize

Answer : Plan and Organize

ISACA CGEIT Certification Certification Practical Test Set 3

Which of the following steps are performed in the Scoping phase of IT Assurance methodology? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • Select the control objectives for critical processes.
  • Customize control objectives.
  • Scope and plan assurance initiatives.
  • Assess process maturity.

Answer : Select the control objectives for critical processes. Customize control objectives. Scope and plan assurance initiatives.

Which of the following planned and purposeful management processes are required by Strategic Alignment? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • Evaluating, post implementation, benefits delivered by IT
  • Clarifying the role that IT should play
  • Aligning IT strategy with the business strategy
  • Creating and sustaining awareness of the strategic role of IT at a top management level

Answer : Evaluating, post implementation, benefits delivered by IT Clarifying the role that IT should play Creating and sustaining awareness of the strategic role of IT at a top management level

Which of the following are the objectives of Service Level Management (SLM)? 1. To negotiate SLAs with the customers & to design services in accordance with the agreed service level targets. 2. Defining, documenting, and agreeing the level of IT Services to be provided. 3. Identifying possible future markets that the Service Provider could operate in. 4. Monitoring, measuring, and reporting the actual level of services provided. 5. Monitoring and improving customer satisfaction.


Options are :

  • 1, 2, 4, and 5 only
  • 1, 2, 3, and 5 only
  • 1, 2, 3, 4, and 5
  • 1, 2, and 3 only

Answer : 1, 2, 4, and 5 only

ISACA CGEIT Certification Certification Practical Test Set 4

Software Development Life Cycle (SDLC) is a logical process used by programmers to develop software. Which of the following SDLC phases meets the audit objectives defined below? •System and data are validated. •System meets all user requirements. •System meets all control requirements.


Options are :

  • Evaluation and acceptance
  • Programming and training
  • Definition
  • Initiation

Answer : Evaluation and acceptance

Which of the following are commonly used terms when discussing service improvement outcomes? 1)Improvements 2)Benefits 3)Return On Investment (ROI) 4)Value On Investment(VOI) 5) Resources


Options are :

  • 2, 3, 4, and 5 only
  • 1, 2, and 4 only
  • 1, 2, 3, and 4 only
  • 2, 3, and 5 only

Answer : 1, 2, 3, and 4 only

Which of the following strategies includes marketing strategies, new product development strategies, HR strategies and, financial strategies?


Options are :

  • Functional strategy
  • Corporate strategy
  • Operational strategy
  • Business strategy

Answer : Functional strategy

ISACA CGEIT Certification Certification Practical Test Set 5

Jeff works as a project manager for BlueWell Inc. He is determining which risks can affect the project. Which of the following are the inputs to the identify risks process that Jeff will use to accomplish the task? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • Risk register
  • Activity cost estimates
  • Scope baseline
  • Risk management plan

Answer : Activity cost estimates Scope baseline Risk management plan

Which of the following stages of the Forrester's IT Governance Maturity Model states that there are no proper IT governance processes, and it is not documented by management as a requirement?


Options are :

  • Stage 4-Best practices
  • Stage 3-Consistent
  • Stage 1-Ad hoc
  • Stage 2-Fragmented

Answer : Stage 1-Ad hoc

Which of the following frameworks describes an enterprise view of all project management activities and how these activities contribute to the success of the organization?


Options are :

  • Casualty Actuarial Society framework
  • Enterprise project management (EPM)
  • COSO ERM
  • COBIT

Answer : Enterprise project management (EPM)

ISACA CGEIT Certification Certification Practical Test Set 6

You are the project manager for ABC project. You are planning for when and how human resource requirements will be met. You are working on ____.


Options are :

  • Project organization chart
  • Staffing management plan
  • Scope management plan
  • Resource calendar

Answer : Staffing management plan

Which of the following types of IT organizational structures states that all IT decision making and the IT budget are in one place, much easier to manage, and require much less effort to organize?


Options are :

  • Centralized
  • Federated
  • Project-based
  • Decentralized

Answer : Centralized

ISACA CGEIT Certification Certification Practical Test Set 7

Your project spans the entire organization. You would like to assess the risk of the project but are worried that some of the managers involved in the project could affect the outcome of any risk identification meeting. Your worry is based on the fact that some employees would not want to publicly identify risk events that could make their supervisors look bad. You would like a method that would allow participants to anonymously identify risk events. What risk identification method could you use?


Options are :

  • Isolated pilot groups
  • Root cause analysis
  • Delphi technique
  • SWOT analysis

Answer : Delphi technique

Which of the following domains of COBIT covers areas such as the execution of the applications within the IT system and its results as well as the support processes that enable the effective and efficient execution of these IT systems?


Options are :

  • Plan and Organize
  • Monitor and Evaluate
  • Acquire and Implement
  • Deliver and Support

Answer : Deliver and Support

IT Governance is used by the management to regulate the Information Systems, to accomplish its objectives. IT governance forms an integral part of corporate governance. Which of the following elements are required to implement a good IT governance framework? Each correct answer represents a complete solution. Choose all that apply.


Options are :

  • Process
  • Communication
  • Structure
  • Project

Answer : Process Communication Structure

ISACA CGEIT Certification Certification Practical Test Set 8

Management has asked you to perform a risk audit and report back on the results. Bonny, a project team member asks you what a risk audit is. What do you tell Bonny?


Options are :

  • A risk audit is a review of the effectiveness of the risk responses in dealing with identified risks and their root causes, as well as the effectiveness of the risk management process.
  • A risk audit is a review of all the risk probability and impact for the risks, which are still present in the project but which have not yet occurred.
  • A risk audit is a review of all the risks that have yet to occur and what their probability of happening are.
  • A risk audit is an audit of all the risks that have occurred in the project and what their true impact on cost and time has been.

Answer : A risk audit is a review of the effectiveness of the risk responses in dealing with identified risks and their root causes, as well as the effectiveness of the risk management process.

Benchmarking is a continuous process that can be time consuming to do correctly. Which of the following guidelines for performing benchmarking identifies the critical processes and creates measurement techniques to grade the process?


Options are :

  • Improve
  • Research
  • Adapt
  • Plan

Answer : Plan

Which of the following roles is responsible for review and risk analysis of all contracts on a regular basis?


Options are :

  • The Service Catalogue Manager
  • The Supplier Manager
  • The Configuration Manager
  • The IT Service Continuity Manager

Answer : The Supplier Manager

ISACA CGEIT Certification Practice Test Set 1

Gary has identified a project risk that could injure project team members. He does not want to accept any risk where someone could become injured on this project so he hires a professional vendor to complete this portion of the project work. This workaround to the risk event is known as what type of risk response?


Options are :

  • Acceptance
  • Mitigation
  • Avoidance
  • Transference

Answer : Transference

You are the project manager of a newly formed project to create a new manufacturing facility. You are working with a business analyst to identify, document, & prioritize stakeholders' needs for the facility. You'll also need to quantify any subjective terms and needs to define the project scope. What is this process called?


Options are :

  • Project scope statement creation
  • Requirements analysis
  • Requirements gathering
  • Stakeholder analysis

Answer : Stakeholder analysis

Which of the following processes is described in the statement below? "This is the process of numerically analyzing the effect of identified risks on overall project objectives."


Options are :

  • Identify Risks
  • Monitor and Control Risks
  • Perform Quantitative Risk Analysis
  • Perform Qualitative Risk Analysis

Answer : Perform Quantitative Risk Analysis

ISACA CGEIT Certification Certification Practical Test Set 1

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions