SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CGEIT: Certified In The Governance Of Enterprise It
Start Test
Study First
Subjects
:
certifications
,
cgeit
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. IT Strategy Committee
risk that the controls are inadequate
VR level - integration and business strategy it - Chaired by a business executive / board member
enterprise risk management
processes are assets that create value for the customer
2. Balanced scorecard - Financial
3. Establishing accountability
5 gov processes (GL - PR) - std (users realize - risks opt opt ress) and framework - stakeholder transparency create - it gov: provide direction - evaluate performance - it Mgmnt: translate strategy into direction - and report performance mesure - 32
who should do what? - establishing accountability - VR / goals objectives - GL translate strategy into action (automation - cost - risk mgmt)
Financial - Operational - Reputation
(hierarchy) 5 domains (EDM - po ad ds me) - processes 37 - 211 practices
4. IT Governance and COBIT
5 gov processes (GL - PR) - std (users realize - risks opt opt ress) and framework - stakeholder transparency create - it gov: provide direction - evaluate performance - it Mgmnt: translate strategy into direction - and report performance mesure - 32
Financial - Operational - Reputation
risk and risk response evaluation
risk that something will NOT be revealed - ill-prepared - not tested properly - misinterpreted findings weighted wrong
5. The implementation phase of a (Gov. Compliance) Review
Observations / findings - risks - recommendation / report
A strategic performance management tool - a semi-standard structured report - supported by proven design methods and automation tools - that can be used by managers to keep track of the execution of activities by the staff within their control and .
(hierarchy) 5 domains (EDM - po ad ds me) - processes 37 - 211 practices
iter (interview - test analysis - detecting / hold / summarize - Discuss with auditee
6. Inherent risk
A strategic performance management tool - a semi-standard structured report - supported by proven design methods and automation tools - that can be used by managers to keep track of the execution of activities by the staff within their control and .
operational risk (HR - Law - Nature - IT) - reputational risk
a technique for analysis and presentation of responsibilities - the name is derived from the initial letters of the words Responsible - Accountable - Consulted and Informed.
unavoidable risk
7. The 3 themes of the ICS economic / financial risk
Encourages the identification of measures that answer the question 'How do customers see us?'
operational risk (HR - Law - Nature - IT) - reputational risk
Observations / findings - risks - recommendation / report
inherent risk - control risk: insufficient control system - detection risk: insufficient testing
8. IT Steering Committee
executive tasks: prioritization - resource alloc - project tracking
Scenarios set in a risk environment
Saving the cost of damage (eg ALE) minus cost of mitigation
policy - principles - statements
9. benefit management (Profit organization realization)
quantitative risk analysis approach - damage cost per year * enter frequency
Financial - Operational - Reputation
Benefits realization management (BRM) (also benefits management or benefits realization) is the explicit planning - delivery and management of whole life benefits from an investment. An investment is only successful if Intended benefits are Realised
critical success factors
10. risk governance
The identification of measures that answer the question 'What must we excel at?'
inherent risk - control risk: insufficient control system - detection risk: insufficient testing
risk and risk response evaluation
pain points - improvment opportunities
11. Structure of the 32 COBIT processes mgmt.
VR level - integration and business strategy it - Chaired by a business executive / board member
enterprise risk management
plan: align - plan - Organize (PO) - build: build - Aquire - Implement (AI) - run: Deliver - servie - Support (DS) - Monitor: Monitor - Evaluate - control ME
QA
12. Risk analysis techniques
Threat analysis - vulnerability assessment - gap analysis - (positive and negative / opportunities and threats)
Business goals with Gov. goals priorisiern - IT goals with U-prioritize targets (script 82) - prioritize process with IT goals
extract optimal value from investments it - value management: processes - monitor - portfolio management: funds - human - investment management: business case - Manging program / projects
quantitative risk analysis approach - damage cost per year * enter frequency
13. A widely used definition of operational risk is the one contained in the Basel II [1] regulations. This definition states that operational risk is the risk of loss resulting from ____________ - people and systems - or from external events.
pain points - improvment opportunities
5 gov processes (GL - PR) - std (users realize - risks opt opt ress) and framework - stakeholder transparency create - it gov: provide direction - evaluate performance - it Mgmnt: translate strategy into direction - and report performance mesure - 32
a risk Arising from execution of a company's business functions. It is a very broad concept Which Focuses on the risks you Arising from the people - systems and processes through Which a company operates. It therefore includes other categories examin
inadequate or failed internal processes
14. COBIT enabler guides
QA
The identification of measures that answer the question 'What must we excel at?'
only known processes enabling
risk that something will NOT be revealed - ill-prepared - not tested properly - misinterpreted findings weighted wrong
15. Comprehensive audits
Signature - statement - audit trail
A strategic performance management tool - a semi-standard structured report - supported by proven design methods and automation tools - that can be used by managers to keep track of the execution of activities by the staff within their control and .
Tests - Extensive testing
policy - principles - statements
16. Anual loss expectancy ALE
quantitative risk analysis approach - damage cost per year * enter frequency
basic ingredients - basic principles - enterprise enablers - goals cascade - maturity model
executive tasks: prioritization - resource alloc - project tracking
A quality management standard describes the requirements that must be satisfied by the management system of a company in order to meet a certain standard in the implementation of quality management. It can serve both informative for implementation wi
17. Balanced scorecard - Internal Business Processes
18. Risk treatment process
Signature - statement - audit trail
5 gov processes (GL - PR) - std (users realize - risks opt opt ress) and framework - stakeholder transparency create - it gov: provide direction - evaluate performance - it Mgmnt: translate strategy into direction - and report performance mesure - 32
informations inherited
Define risk owners (possibly delegate to process owners) - avoid the formation - reduction - sharing - acceptance - cost benefit measures to keep the residual risk within defined tolerance limits
19. Balanced scorecard - Customer
20. Balanced scorecard - Learning and Growt
21. ISO 9000
Financial - Operational - Reputation
plan-prepare-execute-track-report
Trust Service Contracts
QA
22. Balanced scorecard (BSC)
Saving the cost of damage (eg ALE) minus cost of mitigation
TQM - BPM /BPR (... reengineering) - BSC - Six Sigma - CMMI
A strategic performance management tool - a semi-standard structured report - supported by proven design methods and automation tools - that can be used by managers to keep track of the execution of activities by the staff within their control and .
critical success factors
23. Valit content framework
(hierarchy) 5 domains (EDM - po ad ds me) - processes 37 - 211 practices
Business goals with Gov. goals priorisiern - IT goals with U-prioritize targets (script 82) - prioritize process with IT goals
extract optimal value from investments it - value management: processes - monitor - portfolio management: funds - human - investment management: business case - Manging program / projects
operational risk (HR - Law - Nature - IT) - reputational risk
24. Entity level controls
TQM - BPM /BPR (... reengineering) - BSC - Six Sigma - CMMI
Tests - Extensive testing
Financial - Operational - Reputation
Controls at the corporate level - are internal controls that help Ensure that management directives pertaining to the entire entity are Carried out. They are the second level of a top-down approach to understanding the risks of an organization. Gener
25. Hierarchy of policies
policy - principles - statements
VR level - integration and business strategy it - Chaired by a business executive / board member
enterprise risk management
Threat analysis - vulnerability assessment - gap analysis - (positive and negative / opportunities and threats)
26. COBIT cascading goals
plan: align - plan - Organize (PO) - build: build - Aquire - Implement (AI) - run: Deliver - servie - Support (DS) - Monitor: Monitor - Evaluate - control ME
Business goals with Gov. goals priorisiern - IT goals with U-prioritize targets (script 82) - prioritize process with IT goals
risk and risk response evaluation
Financial - Operational - Reputation
27. Refine the innovation process management
a technique for analysis and presentation of responsibilities - the name is derived from the initial letters of the words Responsible - Accountable - Consulted and Informed.
Scoping - formal enactment - clear Vogaben at exceptions - verification of compliance
risk that something will NOT be revealed - ill-prepared - not tested properly - misinterpreted findings weighted wrong
create an environment conductive to innovate - Maintain / understand the enterprise environment - monitor / scan the technology environment - assess the potential of emerging tech.- recommend appropriate further initiatives - monitor the implication
28. KPI
Used in business administration figures - references which can be the progress or the level of compliance with regard to important objectives or critical success factors measured within an organization and / or calculated - Important KPIs in the serv
risk that the controls are inadequate
Trust Service Contracts
Signature - statement - audit trail
29. The report stage of a review
Observations / findings - risks - recommendation / report
iter (interview - test analysis - detecting / hold / summarize - Discuss with auditee
critical success factors
inherent risk - control risk: insufficient control system - detection risk: insufficient testing
30. 3 Governance Objectives
Scenarios set in a risk environment
plan: align - plan - Organize (PO) - build: build - Aquire - Implement (AI) - run: Deliver - servie - Support (DS) - Monitor: Monitor - Evaluate - control ME
Benefits realization - risk optimization - resource optimization
A strategic performance management tool - a semi-standard structured report - supported by proven design methods and automation tools - that can be used by managers to keep track of the execution of activities by the staff within their control and .
31. Control risk
inherent risk - control risk: insufficient control system - detection risk: insufficient testing
risk and risk response evaluation
risk that the controls are inadequate
pain points - improvment opportunities
32. COBIT framework
Encourages the identification of measures that answer the question 'How do customers see us?'
basic ingredients - basic principles - enterprise enablers - goals cascade - maturity model
create an environment conductive to innovate - Maintain / understand the enterprise environment - monitor / scan the technology environment - assess the potential of emerging tech.- recommend appropriate further initiatives - monitor the implication
only known processes enabling
33. Value management
Value analysis - was initially applied WA - to identify and eliminate unnecessary costs. WA is equally successful in improving the performance and function of resources other than the costs. In the course of time - extended the WA applications from p
The identification of measures that answer the question 'What must we excel at?'
VR level - integration and business strategy it - Chaired by a business executive / board member
Trust Service Contracts
34. Risk analysis methodology
Trust Service Contracts
Scenarios set in a risk environment
extract optimal value from investments it - value management: processes - monitor - portfolio management: funds - human - investment management: business case - Manging program / projects
basic ingredients - basic principles - enterprise enablers - goals cascade - maturity model
35. application vs. controls. IT general controls
Define risk owners (possibly delegate to process owners) - avoid the formation - reduction - sharing - acceptance - cost benefit measures to keep the residual risk within defined tolerance limits
general: magmt change - security - operations control Application: do everything to do with app. pgm. has zb source management - authentication validation
quantitative risk analysis approach - damage cost per year * enter frequency
COBIT provides the means of risk management - Riskit provides the ends.
36. 5 focus area of IT Governance
To take the residual risk a company is willing risk
stratecic establish alignment / framework - value delivery - risk management - resource mgmt - performance mgmt / stakeholer transparency
plan-prepare-execute-track-report
Define risk owners (possibly delegate to process owners) - avoid the formation - reduction - sharing - acceptance - cost benefit measures to keep the residual risk within defined tolerance limits
37. ISO 9000
Scoping - formal enactment - clear Vogaben at exceptions - verification of compliance
Scenarios set in a risk environment
Observations / findings - risks - recommendation / report
A quality management standard describes the requirements that must be satisfied by the management system of a company in order to meet a certain standard in the implementation of quality management. It can serve both informative for implementation wi
38. Derivation Cobit practices / control objectives
Financial - Operational - Reputation
5 gov processes (GL - PR) - std (users realize - risks opt opt ress) and framework - stakeholder transparency create - it gov: provide direction - evaluate performance - it Mgmnt: translate strategy into direction - and report performance mesure - 32
(hierarchy) 5 domains (EDM - po ad ds me) - processes 37 - 211 practices
Threat analysis - vulnerability assessment - gap analysis - (positive and negative / opportunities and threats)
39. Risk appetite
VR level - integration and business strategy it - Chaired by a business executive / board member
implementation - information security - assurance - Risk
To take the residual risk a company is willing risk
iter (interview - test analysis - detecting / hold / summarize - Discuss with auditee
40. Procedure for Governance Compliance Review
who should do what? - establishing accountability - VR / goals objectives - GL translate strategy into action (automation - cost - risk mgmt)
plan-prepare-execute-track-report
inherent risk - control risk: insufficient control system - detection risk: insufficient testing
extract optimal value from investments it - value management: processes - monitor - portfolio management: funds - human - investment management: business case - Manging program / projects
41. Key principle of BPM
processes are assets that create value for the customer
Business goals with Gov. goals priorisiern - IT goals with U-prioritize targets (script 82) - prioritize process with IT goals
unavoidable risk
a risk Arising from execution of a company's business functions. It is a very broad concept Which Focuses on the risks you Arising from the people - systems and processes through Which a company operates. It therefore includes other categories examin
42. Escrow contracts
Trust Service Contracts
executive tasks: prioritization - resource alloc - project tracking
a risk Arising from execution of a company's business functions. It is a very broad concept Which Focuses on the risks you Arising from the people - systems and processes through Which a company operates. It therefore includes other categories examin
Value analysis - was initially applied WA - to identify and eliminate unnecessary costs. WA is equally successful in improving the performance and function of resources other than the costs. In the course of time - extended the WA applications from p
43. Control self assessment Self-assessment (kd) or a Control Self Assessment (CSA supervised self-assessment
Observations / findings - risks - recommendation / report
An internally controlled collection and analysis of values. In a control self-assessment fill out one or more units surveyed questionnaires - which can then be evaluated independently. This survey can help the units (individuals - groups - department
A strategic performance management tool - a semi-standard structured report - supported by proven design methods and automation tools - that can be used by managers to keep track of the execution of activities by the staff within their control and .
Financial - Operational - Reputation
44. ISO 27000
informations inherited
QA
policy - principles - statements
(hierarchy) 5 domains (EDM - po ad ds me) - processes 37 - 211 practices
45. ISO 31000
An internally controlled collection and analysis of values. In a control self-assessment fill out one or more units surveyed questionnaires - which can then be evaluated independently. This survey can help the units (individuals - groups - department
enterprise risk management
unavoidable risk
performance monitoring - to demostrate the effectivness if IT and communicate about it - Performance - risk and capabilities
46. Operational risk is...
47. COBIT professional guides
To take the residual risk a company is willing risk
policy - principles - statements
Scoping - formal enactment - clear Vogaben at exceptions - verification of compliance
implementation - information security - assurance - Risk
48. Function point analysis
QA
Saving the cost of damage (eg ALE) minus cost of mitigation
Review process for software system - The functional size is determined - where you split the functional requirements of an application into small - meaningful to the user activities that elementary processes. Same elementary processes are evaluated o
risk that something will NOT be revealed - ill-prepared - not tested properly - misinterpreted findings weighted wrong
49. Audit risk consists of...
only known processes enabling
pain points - improvment opportunities
inherent risk - control risk: insufficient control system - detection risk: insufficient testing
The identification of measures that answer the question 'What must we excel at?'
50. Methods for continuous process improvement
TQM - BPM /BPR (... reengineering) - BSC - Six Sigma - CMMI
Scenarios set in a risk environment
quantitative risk analysis approach - damage cost per year * enter frequency
plan: align - plan - Organize (PO) - build: build - Aquire - Implement (AI) - run: Deliver - servie - Support (DS) - Monitor: Monitor - Evaluate - control ME