Test your basic knowledge |
CGEIT: Certified In The Governance Of Enterprise IT
Subjects: certifications, cgeit, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. 3 Governance Objectives
(hierarchy) 5 domains (EDM - po ad ds me) - processes 37 - 211 practices
Used in business administration figures - references which can be the progress or the level of compliance with regard to important objectives or critical success factors measured within an organization and / or calculated - Important KPIs in the serv
create an environment conducive to innovation - Maintain / understand the enterprise environment - monitor / scan the technology environment - assess the potential of emerging tech. - recommend appropriate further initiatives - monitor the implication
Benefits realization - risk optimization - resource optimization
2. Use of balanced scorecards
policy - principles - statements
performance monitoring - to demonstrate the effectiveness of IT and communicate about it - Performance - risk and capabilities
operational risk (HR - Law - Nature - IT) - reputational risk
(hierarchy) 5 domains (EDM - po ad ds me) - processes 37 - 211 practices
3. Risk analysis methodology
operational risk (HR - Law - Nature - IT) - reputational risk
Encourages the identification of measures that answer the question 'How can we continue to improve and create value?'
Scenarios set in a risk environment
inherent risk - control risk: insufficient control system - detection risk: insufficient testing
4. Escrow contracts
Saving the cost of damage (eg ALE) minus cost of mitigation
Trust Service Contracts
risk and risk response evaluation
quantitative risk analysis approach - damage cost per year * enter frequency
5. Balanced scorecard - Internal Business Processes
6. application vs. controls. IT general controls
inherent risk - control risk: insufficient control system - detection risk: insufficient testing
policy - principles - statements
general: mgmt change - security - operations control. Application: do everything to do with app. pgm., e.g. source management - authentication validation
a risk arising from execution of a company's business functions. It is a very broad concept which focuses on the risks arising from the people - systems and processes through which a company operates. It therefore includes other categories examin
7. Control self assessment Self-assessment (kd) or a Control Self Assessment (CSA supervised self-assessment
create an environment conducive to innovation - Maintain / understand the enterprise environment - monitor / scan the technology environment - assess the potential of emerging tech. - recommend appropriate further initiatives - monitor the implication
Review process for software system - The functional size is determined - where you split the functional requirements of an application into small - meaningful to the user activities that elementary processes. Same elementary processes are evaluated o
An internally controlled collection and analysis of values. In a control self-assessment fill out one or more units surveyed questionnaires - which can then be evaluated independently. This survey can help the units (individuals - groups - department
The identification of measures that answer the question 'What must we excel at?'
8. Val IT content framework
who should do what? - establishing accountability - VR / goals objectives - GL translate strategy into action (automation - cost - risk mgmt)
Value analysis - was initially applied WA - to identify and eliminate unnecessary costs. WA is equally successful in improving the performance and function of resources other than the costs. In the course of time - extended the WA applications from p
extract optimal value from investments it - value management: processes - monitor - portfolio management: funds - human - investment management: business case - Managing program / projects
risk and risk response evaluation
9. Refine the innovation process management
only known processes enabling
create an environment conducive to innovation - Maintain / understand the enterprise environment - monitor / scan the technology environment - assess the potential of emerging tech. - recommend appropriate further initiatives - monitor the implication
informations inherited
(hierarchy) 5 domains (EDM - po ad ds me) - processes 37 - 211 practices
10. To address three types of risk in the ICS
risk that something will NOT be revealed - ill-prepared - not tested properly - misinterpreted findings weighted wrong
critical success factors
Tests - Extensive testing
Financial - Operational - Reputation
11. risk governance
Benefits realization - risk optimization - resource optimization
5 gov processes (GL - PR) - std (users realize - risks opt opt ress) and framework - stakeholder transparency create - it gov: provide direction - evaluate performance - it Mgmnt: translate strategy into direction - and report performance measure - 32
risk and risk response evaluation
Saving the cost of damage (eg ALE) minus cost of mitigation
12. Value management
Value analysis - was initially applied WA - to identify and eliminate unnecessary costs. WA is equally successful in improving the performance and function of resources other than the costs. In the course of time - extended the WA applications from p
executive tasks: prioritization - resource alloc - project tracking
(hierarchy) 5 domains (EDM - po ad ds me) - processes 37 - 211 practices
COBIT provides the means of risk management - Riskit provides the ends.
13. Procedure for Governance Compliance Review
plan-prepare-execute-track-report
The residual risk a company is willing to take
establish strategic alignment / framework - value delivery - risk management - resource mgmt - performance mgmt / stakeholder transparency
executive tasks: prioritization - resource alloc - project tracking
14. Audit risk consists of...
Define risk owners (possibly delegate to process owners) - avoid the formation - reduction - sharing - acceptance - cost benefit measures to keep the residual risk within defined tolerance limits
inherent risk - control risk: insufficient control system - detection risk: insufficient testing
quantitative risk analysis approach - damage cost per year * enter frequency
TQM - BPM /BPR (... reengineering) - BSC - Six Sigma - CMMI
15. Annual loss expectancy ALE
(hierarchy) 5 domains (EDM - po ad ds me) - processes 37 - 211 practices
establish strategic alignment / framework - value delivery - risk management - resource mgmt - performance mgmt / stakeholder transparency
risk that something will NOT be revealed - ill-prepared - not tested properly - misinterpreted findings weighted wrong
quantitative risk analysis approach - damage cost per year * enter frequency
16. Risk appetite
A strategic performance management tool - a semi-standard structured report - supported by proven design methods and automation tools - that can be used by managers to keep track of the execution of activities by the staff within their control and .
iter (interview - test analysis - detecting / hold / summarize - Discuss with auditee
unavoidable risk
The residual risk a company is willing to take
17. Comprehensive audits
risk that something will NOT be revealed - ill-prepared - not tested properly - misinterpreted findings weighted wrong
An internally controlled collection and analysis of values. In a control self-assessment fill out one or more units surveyed questionnaires - which can then be evaluated independently. This survey can help the units (individuals - groups - department
Scoping - formal enactment - clear rules for exceptions - verification of compliance
Tests - Extensive testing
18. Detection risk
risk that something will NOT be revealed - ill-prepared - not tested properly - misinterpreted findings weighted wrong
create an environment conducive to innovation - Maintain / understand the enterprise environment - monitor / scan the technology environment - assess the potential of emerging tech. - recommend appropriate further initiatives - monitor the implication
Benefits realization management (BRM) (also benefits management or benefits realization) is the explicit planning - delivery and management of whole life benefits from an investment. An investment is only successful if Intended benefits are Realised
Value analysis - was initially applied WA - to identify and eliminate unnecessary costs. WA is equally successful in improving the performance and function of resources other than the costs. In the course of time - extended the WA applications from p
19. Inherent risk
processes are assets that create value for the customer
unavoidable risk
Encourages the identification of measures that answer the question 'How can we continue to improve and create value?'
A strategic performance management tool - a semi-standard structured report - supported by proven design methods and automation tools - that can be used by managers to keep track of the execution of activities by the staff within their control and .
20. Risk analysis techniques
basic ingredients - basic principles - enterprise enablers - goals cascade - maturity model
Threat analysis - vulnerability assessment - gap analysis - (positive and negative / opportunities and threats)
a risk arising from execution of a company's business functions. It is a very broad concept which focuses on the risks arising from the people - systems and processes through which a company operates. It therefore includes other categories examin
plan: align - plan - Organize (PO) - build: build - Acquire - Implement (AI) - run: Deliver - service - Support (DS) - Monitor: Monitor - Evaluate - control ME
21. IT Governance and COBIT
Encourages the identification of measures that answer the question 'How do customers see us?'
An internally controlled collection and analysis of values. In a control self-assessment fill out one or more units surveyed questionnaires - which can then be evaluated independently. This survey can help the units (individuals - groups - department
5 gov processes (GL - PR) - std (users realize - risks opt opt ress) and framework - stakeholder transparency create - it gov: provide direction - evaluate performance - it Mgmnt: translate strategy into direction - and report performance measure - 32
inherent risk - control risk: insufficient control system - detection risk: insufficient testing
22. Structure of the 32 COBIT processes mgmt.
executive tasks: prioritization - resource alloc - project tracking
general: mgmt change - security - operations control. Application: do everything to do with app. pgm., e.g. source management - authentication validation
plan: align - plan - Organize (PO) - build: build - Acquire - Implement (AI) - run: Deliver - service - Support (DS) - Monitor: Monitor - Evaluate - control ME
TQM - BPM /BPR (... reengineering) - BSC - Six Sigma - CMMI
23. Riskit vs. COBIT
only known processes enabling
COBIT provides the means of risk management - Riskit provides the ends.
VR level - integration and business strategy it - Chaired by a business executive / board member
Review process for software system - The functional size is determined - where you split the functional requirements of an application into small - meaningful to the user activities that elementary processes. Same elementary processes are evaluated o
24. Three different control categories?
processes are assets that create value for the customer
Preventive controls - detective controls - corrective controls (troubleshooting instructions)
QA
plan-prepare-execute-track-report
25. The 3 themes of the ICS economic / financial risk
operational risk (HR - Law - Nature - IT) - reputational risk
pain points - improvement opportunities
inadequate or failed internal processes
who should do what? - establishing accountability - VR / goals objectives - GL translate strategy into action (automation - cost - risk mgmt)
26. ISO 27000
general: mgmt change - security - operations control. Application: do everything to do with app. pgm., e.g. source management - authentication validation
inadequate or failed internal processes
informations inherited
TQM - BPM /BPR (... reengineering) - BSC - Six Sigma - CMMI
27. Return on security investment ROSI
An internally controlled collection and analysis of values. In a control self-assessment fill out one or more units surveyed questionnaires - which can then be evaluated independently. This survey can help the units (individuals - groups - department
Preventive controls - detective controls - corrective controls (troubleshooting instructions)
Tests - Extensive testing
Saving the cost of damage (eg ALE) minus cost of mitigation
28. ISO 31000
what are the drivers - where are we now - where do we want to be - what needs to be done (project plan) - how do we get there (execute) - did we get there - how to keep the momentum going
Scenarios set in a risk environment
enterprise risk management
pain points - improvement opportunities
29. Balanced scorecard - Financial
30. COBIT enabler guides
only known processes enabling
VR level - integration and business strategy it - Chaired by a business executive / board member
Review process for software system - The functional size is determined - where you split the functional requirements of an application into small - meaningful to the user activities that elementary processes. Same elementary processes are evaluated o
establish strategic alignment / framework - value delivery - risk management - resource mgmt - performance mgmt / stakeholder transparency
31. Balanced scorecard - Learning and Growth
32. Establishing accountability
who should do what? - establishing accountability - VR / goals objectives - GL translate strategy into action (automation - cost - risk mgmt)
Trust Service Contracts
risk that the controls are inadequate
A quality management standard describes the requirements that must be satisfied by the management system of a company in order to meet a certain standard in the implementation of quality management. It can serve both informative for implementation wi
33. IT governance life cycle
what are the drivers - where are we now - where do we want to be - what needs to be done (project plan) - how do we get there (execute) - did we get there - how to keep the momentum going
Financial - Operational - Reputation
Encourages the identification of measures that answer the question 'How can we continue to improve and create value?'
Threat analysis - vulnerability assessment - gap analysis - (positive and negative / opportunities and threats)
34. Types of assertions
plan-prepare-execute-track-report
Signature - statement - audit trail
who should do what? - establishing accountability - VR / goals objectives - GL translate strategy into action (automation - cost - risk mgmt)
inadequate or failed internal processes
35. ISO 9000
QA
inherent risk - control risk: insufficient control system - detection risk: insufficient testing
A quality management standard describes the requirements that must be satisfied by the management system of a company in order to meet a certain standard in the implementation of quality management. It can serve both informative for implementation wi
implementation - information security - assurance - Risk
36. Operational risk is...
37. Good starting points for IT Gov
pain points - improvement opportunities
The identification of measures that answer the question 'What must we excel at?'
a risk arising from execution of a company's business functions. It is a very broad concept which focuses on the risks arising from the people - systems and processes through which a company operates. It therefore includes other categories examin
basic ingredients - basic principles - enterprise enablers - goals cascade - maturity model
38. ISO 9000
who should do what? - establishing accountability - VR / goals objectives - GL translate strategy into action (automation - cost - risk mgmt)
plan-prepare-execute-track-report
QA
COBIT provides the means of risk management - Riskit provides the ends.
39. The report stage of a review
Observations / findings - risks - recommendation / report
Used in business administration figures - references which can be the progress or the level of compliance with regard to important objectives or critical success factors measured within an organization and / or calculated - Important KPIs in the serv
Value analysis - was initially applied WA - to identify and eliminate unnecessary costs. WA is equally successful in improving the performance and function of resources other than the costs. In the course of time - extended the WA applications from p
risk that something will NOT be revealed - ill-prepared - not tested properly - misinterpreted findings weighted wrong
40. COBIT professional guides
establish strategic alignment / framework - value delivery - risk management - resource mgmt - performance mgmt / stakeholder transparency
Financial - Operational - Reputation
risk and risk response evaluation
implementation - information security - assurance - Risk
41. Derivation Cobit practices / control objectives
enterprise risk management
Trust Service Contracts
(hierarchy) 5 domains (EDM - po ad ds me) - processes 37 - 211 practices
Financial - Operational - Reputation
42. Hierarchy of policies
only known processes enabling
risk that something will NOT be revealed - ill-prepared - not tested properly - misinterpreted findings weighted wrong
policy - principles - statements
COBIT provides the means of risk management - Riskit provides the ends.
43. Balanced scorecard - Customer
44. COBIT cascading goals
pain points - improvement opportunities
risk that the controls are inadequate
extract optimal value from investments it - value management: processes - monitor - portfolio management: funds - human - investment management: business case - Managing program / projects
Business goals with Gov. goals prioritize - IT goals with U-prioritize targets (script 82) - prioritize process with IT goals
45. 5 focus areas of IT Governance
establish strategic alignment / framework - value delivery - risk management - resource mgmt - performance mgmt / stakeholder transparency
A quality management standard describes the requirements that must be satisfied by the management system of a company in order to meet a certain standard in the implementation of quality management. It can serve both informative for implementation wi
The identification of measures that answer the question 'What must we excel at?'
performance monitoring - to demonstrate the effectiveness of IT and communicate about it - Performance - risk and capabilities
46. Best practices in dealing with policies Policies (not principles)
inadequate or failed internal processes
Scoping - formal enactment - clear rules for exceptions - verification of compliance
plan: align - plan - Organize (PO) - build: build - Acquire - Implement (AI) - run: Deliver - service - Support (DS) - Monitor: Monitor - Evaluate - control ME
Business goals with Gov. goals prioritize - IT goals with U-prioritize targets (script 82) - prioritize process with IT goals
47. KPI
Used in business administration figures - references which can be the progress or the level of compliance with regard to important objectives or critical success factors measured within an organization and / or calculated - Important KPIs in the serv
risk and risk response evaluation
pain points - improvement opportunities
informations inherited
48. Balanced scorecard (BSC)
A strategic performance management tool - a semi-standard structured report - supported by proven design methods and automation tools - that can be used by managers to keep track of the execution of activities by the staff within their control and .
Preventive controls - detective controls - corrective controls (troubleshooting instructions)
executive tasks: prioritization - resource alloc - project tracking
establish strategic alignment / framework - value delivery - risk management - resource mgmt - performance mgmt / stakeholder transparency
49. Methods for continuous process improvement
TQM - BPM /BPR (... reengineering) - BSC - Six Sigma - CMMI
pain points - improvement opportunities
Tests - Extensive testing
general: mgmt change - security - operations control. Application: do everything to do with app. pgm., e.g. source management - authentication validation
50. benefit management (Profit organization realization)
general: mgmt change - security - operations control. Application: do everything to do with app. pgm., e.g. source management - authentication validation
An internally controlled collection and analysis of values. In a control self-assessment fill out one or more units surveyed questionnaires - which can then be evaluated independently. This survey can help the units (individuals - groups - department
Benefits realization management (BRM) (also benefits management or benefits realization) is the explicit planning - delivery and management of whole life benefits from an investment. An investment is only successful if Intended benefits are Realised
inherent risk - control risk: insufficient control system - detection risk: insufficient testing