Questions for the COBIT-2019 were updated on : Feb 17 ,2026
Who is responsible for the oversight of structures and mechanisms that drive enterprise governance
of information and technology (EGIT)?
A
Explanation:
The responsibility for overseeing EGIT structures lies with the board, according to COBIT 2019. The
board ensures that the enterprise’s IT governance aligns with strategic objectives, monitors
compliance, and oversees risk management. This aligns with the Evaluate, Direct, and Monitor
(EDM) domain, which assigns the board the role of setting direction, making high-level decisions, and
assessing IT governance effectiveness to align with overall enterprise strategy .
Which of the following could be used to map documentation for governance and management
practices?
C
Explanation:
COBIT 2019 highlights the importance of detailed documentation of process activities to support
governance and management practices. By mapping these activities, organizations can clearly
understand how procedures align with governance objectives and regulatory requirements. Detailed
process mapping aids in ensuring consistent performance, compliance, and alignment with
enterprise goals, specifically within the framework’s governance system components .
Time-to-market is a metric that is directly related to which of the following enterprise goals?
C
Explanation:
In COBIT 2019, "Time-to-market" is closely associated with the enterprise goal of maintaining a
portfolio of competitive products and services. This metric reflects the enterprise’s ability to deliver
new offerings to the market efficiently, which is essential for competitive advantage. The COBIT goals
cascade links time-to-market to this objective, emphasizing the importance of quick responsiveness
to market demands as part of enterprise strategy .
DevOps is an example of which of the following?
B
Explanation:
In COBIT 2019, DevOps is classified as a design factor and a hybrid method. Design factors influence
the tailoring of a governance system. As a hybrid method, DevOps combines development and
operations practices, emphasizing continuous delivery and integration. This concept aligns with
COBIT’s adaptable framework, which accommodates various focus areas and methodologies to
enhance agility and responsiveness in IT processes .
Which of the following is a component of the governance system that provides an enterprise with
the tools and systems for IT processing?
C
Explanation:
The governance system in COBIT 2019 includes various components that support the effective
management and control of enterprise IT. "Services, infrastructure, and applications" is one such
component, encompassing the physical and virtual tools required for IT operations. This component
ensures that the technology systems align with the enterprise's strategic objectives, as outlined in
the COBIT core model (specifically in the framework sections on governance components). This is
part of delivering and supporting IT services to meet business needs effectively .
When making IT-related decisions, stakeholders will find the COBIT framework MOST useful for:
C
Explanation:
COBIT 2019 provides a comprehensive framework to support the decision-making process rather
than prescribing specific solutions. It guides the structuring of governance and management
objectives across different domains, such as EDM, APO, and BAI, enabling stakeholders to understand
the components and decision levels required for efficient IT governance. This aligns with COBIT's
goals to establish clear responsibilities and decision-making criteria for various roles, ensuring
alignment with enterprise objectives and stakeholder needs .
Who is responsible for the oversight of structures and mechanisms that drive enterprise governance
of information and technology (EGIT)?
A
Explanation:
In COBIT 2019, enterprise governance of IT (EGIT) is an essential responsibility of the board. The
board holds ultimate accountability for governance by setting direction, monitoring performance,
and ensuring compliance with the enterprise’s goals. This responsibility includes establishing
structures and mechanisms to support EGIT, which falls under the Evaluate, Direct, and Monitor
(EDM) domain, specifically addressed in governance objective EDM01. The framework specifies that
governance is led by the board, with executive management supporting execution .
Recognizing and rewarding EGIT implementation program performance is MOST beneficial when:
B
Explanation:
Recognizing and rewarding EGIT implementation program performance is most beneficial when
measuring realized program benefits. According to the COBIT 2019 Implementation Guide,
recognizing and rewarding program performance is one of the key success factors for implementing
and optimizing an EGIT program. Recognizing and rewarding program performance involves
acknowledging and appreciating the achievements and contributions of the program team and
stakeholders, as well as providing incentives and motivation for further improvement. Recognizing
and rewarding program performance is most beneficial when measuring realized program benefits,
because this is the stage where the actual outcomes and value of the program are evaluated against
the expected goals and metrics. By recognizing and rewarding program performance at this stage,
the enterprise can reinforce the positive impact of the program, celebrate the success of the program
team and stakeholders, and encourage continuous learning and improvement. Reference: : COBIT
2019 Implementation Guide: Implementing and Optimizing an Information and Technology
Governance Solution, page 17 : COBIT 2019 Implementation Guide: Implementing and Optimizing an
Information and Technology Governance Solution, page 46
Which of the following involves numeric mapping tables created for each of the design factors?
B
Explanation:
A quantitative approach involves numeric mapping tables created for each of the design factors.
According to the COBIT 2019 Design Guide, a quantitative approach is one of the four possible
approaches for designing a governance system based on the design factors. A design factor is a
characteristic of the enterprise that influences how the governance system should be designed. A
quantitative approach uses numeric values to represent the impact of each design factor on the
governance components, such as processes, organizational structures, roles, and practices. The
numeric values are derived from mapping tables that show how each design factor affects each
governance component. The mapping tables are based on empirical data, expert judgment, or best
practices. The quantitative approach helps to provide a more objective and consistent way of
designing a governance system that is tailored to the enterprise context and needs. Reference: :
COBIT 2019 Design Guide: Designing an Information & Technology Governance Solution, page 54 :
COBIT 2019 Design Guide: Designing an Information & Technology Governance Solution, page 56
Which of the following is a KEY consideration when finalizing a governance system design with
competing priorities?
D
Explanation:
A key consideration when finalizing a governance system design with competing priorities is that the
enterprise should be prepared to deviate from previously identified priorities with justified reasons.
According to the COBIT 2019 Design Guide, competing priorities are one of the common challenges
that enterprises face when designing a governance system. Competing priorities may arise from
different stakeholder expectations, requirements, preferences, perspectives, or interests. The COBIT
2019 Design Guide recommends that enterprises use a structured approach to resolve competing
priorities, such as the COBIT 2019 Governance System Design Workflow. The workflow helps
enterprises to identify and prioritize their improvement opportunities based on a gap analysis
between their current and desired states of governance. However, the workflow also allows
enterprises to adjust their priorities as needed during the design process, as long as they provide
clear and rational reasons for doing so. For example, enterprises may deviate from their initial
priorities due to changes in the business environment, stakeholder feedback, new insights, or
emerging issues.
The deviation from previously identified priorities should be documented and
communicated to all relevant stakeholders to ensure transparency and alignment. Reference: : COBIT
2019 Design Guide: Designing an Information & Technology Governance Solution, page 32 2 : COBIT
2019 Design Guide: Designing an Information & Technology Governance Solution, page 34
Which of the following is an important component for an enterprise strategy archetype of cost
leadership as defined by COBIT 2019?
D
Explanation:
An important component for an enterprise strategy archetype of cost leadership as defined by COBIT
2019 is support for the portfolio management role with an investment office. According to the COBIT
2019 Design Guide, cost leadership is one of the four generic enterprise strategy archetypes that
describe how enterprises compete in their markets. Cost leadership means that an enterprise aims
to offer the lowest prices for its products or services by minimizing its costs and maximizing its
efficiency. One of the design factors that influence the governance system for a cost leadership
strategy is the organizational structures. The COBIT 2019 Design Guide suggests that a cost
leadership strategy requires a centralized and standardized organizational structure that supports the
portfolio management role with an investment office. The portfolio management role is responsible
for selecting, prioritizing, and balancing the IT investments that align with the enterprise strategy
and objectives. The investment office is a function that assists the portfolio management role by
providing financial analysis, reporting, and decision support.
The support for the portfolio
management role with an investment office helps to ensure that the IT investments are optimized for
cost and value. Reference: : COBIT 2019 Design Guide: Designing an Information & Technology
Governance Solution, page 48 2 : COBIT 2019 Design Guide: Designing an Information & Technology
Governance Solution, page 51
What functional task area is responsible for assessing the potential return on investment (ROI) during
future state planning?
D
Explanation:
The functional task area that is responsible for assessing the potential return on investment (ROI)
during future state planning is program management. According to the COBIT 2019 Implementation
Guide, program management is one of the key enablers of IT governance and management, and it
includes the processes and practices for planning, executing, monitoring, controlling, and closing IT
programs and projects. One of the activities of program management is to conduct a business case
analysis for each proposed improvement initiative in the future state plan. This analysis involves
estimating the costs, benefits, risks, dependencies, assumptions, constraints, success factors, and
ROI of each initiative.
The analysis helps to prioritize and justify the initiatives based on their
expected value to the enterprise. Reference: : COBIT 2019 Implementation Guide: Implementing and
Optimizing an Information and Technology Governance Solution, page 15 1 : COBIT 2019
Implementation Guide: Implementing and Optimizing an Information and Technology Governance
Solution, page 38
Using the COBIT 2019 Governance System Design Workflow allows enterprises to:
D
Explanation:
Using the COBIT 2019 Governance System Design Workflow allows enterprises to realize a
governance system that is tailored to their needs. The COBIT 2019 Governance System Design
Workflow is a set of steps that guide enterprises in designing a customized governance system based
on their specific context, goals, issues, and priorities. The workflow helps enterprises to identify their
current state, desired state, gaps, improvement opportunities, design factors, governance
components, roles, responsibilities, practices, activities, inputs, outputs, goals, metrics, and road
map for implementing their governance system. The workflow also helps enterprises to balance
competing requirements and resolve conflicts among stakeholders.
By following the workflow,
enterprises can design a governance system that fits their unique needs and delivers value to their
business. Reference: : COBIT 2019 Design Guide: Designing an Information & Technology Governance
Solution, page 29 2 : COBIT 2019 Design Guide: Designing an Information & Technology Governance
Solution, page 31
Who is responsible for performing a stakeholder satisfaction survey and gathering feedback on
lessons learned from the implementation of an EGIT program plan?
A
Explanation:
The CIO and the program steering committee are responsible for performing a stakeholder
satisfaction survey and gathering feedback on lessons learned from the implementation of an EGIT
program plan. According to the COBIT 2019 Implementation Guide, the CIO is the executive sponsor
of the EGIT program, who provides strategic direction, leadership, and oversight for the program. The
program steering committee is a group of senior stakeholders who support the CIO in governing and
monitoring the program. One of their responsibilities is to conduct regular reviews of the program
performance and outcomes, including stakeholder satisfaction and lessons learned.
These reviews
help to evaluate the effectiveness and efficiency of the EGIT program plan and identify areas for
improvement. Reference: : COBIT 2019 Implementation Guide: Implementing and Optimizing an
Information and Technology Governance Solution, page 23 1 : COBIT 2019 Implementation Guide:
Implementing and Optimizing an Information and Technology Governance Solution, page 45 1
Which function within the IT corporate structure is responsible for classifying information using an
agreed-upon classification scheme for a new data collection system?
C
Explanation:
The information security function within the IT corporate structure is responsible for classifying
information using an agreed-upon classification scheme for a new data collection system. According
to the COBIT 2019 Implementation Guide, information security is one of the key enablers of IT
governance and management, and it includes the processes and practices for ensuring the
confidentiality, integrity, and availability of information assets. One of the activities of information
security is to define and implement an information classification scheme that categorizes
information based on its sensitivity, criticality, and value to the enterprise.
This scheme helps to
determine the appropriate level of protection and controls for different types of information,
especially for new data collection systems that may involve personal or sensitive data. Reference: :
COBIT 2019 Implementation Guide: Implementing and Optimizing an Information and Technology
Governance Solution, page 15 1 : COBIT 2019 Design Guide: Designing an Information & Technology
Governance Solution, page 62
.