DISA Review Questions, Answers Manual

Download as pdf or txt
Download as pdf or txt
You are on page 1of 8

DISA Review Questions, Answers Manual

562. In Governance of Enterprise IT, the IT Strategy Committee should include


_____________
A. Board members alone, considering the strategic content
B. Non-Board members alone, considering the need for implementation support
C. Both Board as well as non-Board members
D. Board members and IT managers alone
KEY C
Justification
The IT Strategy Committee should have representation from Board as well as non-
Board members, with representation from all divisions. Answer at Option C is the
correct one.
563. Which of the following has primary responsibility for implementation of
Governance of Enterprise IT ?
A. The Managing Director or CEO of the Organization
B. The CIO of the organization
C. The IT Strategy Committee
D. The IT Steering Committee
KEY C
Justification
It is the IT Strategy Committee whose primary responsibility it is to implement GEIT,
while the accountability is of the Board of Directors itself. Answer at Option C is the
correct one.
564. Which of the 7 enablers of COBIT 5 is considered the most important ?
A. Organization structure
B. Principles, policies & framework
C. Processes
D. Information
KEY D
Justification
Information is considered the most important of the enablers of COBIT 5. Answer at
Option D is the correct one.

224
Governance and Management of Enterprise Information Technology, Risk …

565. What is most important in developing a performance management system ?


A. Deciding on incentive schemes
B. Identifying enterprise goals & their linkage to operating environment
C. Developing clear organization structure
D. Benchmarking with industry
KEY B
Justification
The most important aspect of performance management development is ensuring that
organizational goals, vision, mission are cascaded downwards to all, establishing a
clear linkage. But for this, the entire exercise would be fruitless since the performance
could be directed at goals other than those established through the vision / mission of
the organization. Answer at Option B is the correct one.
566. A good performance management system assesses performance against goals
through Key Goal Indicators. Simultaneously, it monitors performance of process
through _________
A. Work flow indicators
B. Moving average indicators
C. KEY Process Indicators
D. Industry benchmarks
KEY C
Justification
Monitoring of performance of process is through the KEY Process Indicator. Hence, the
answer at Option C is the correct one.
567. The approach of using lead indicators for performance measurement is called
__________
A. Reactive approach
B. Retroactive approach
C. Proactive approach
D. Retrospective approach

225
DISA Review Questions, Answers Manual

KEY C
Justification
The approach of using lead indicators for performance measurement is called Proactive
approach. Hence, the answer at Option C is the correct one.
568. The approach of using lag indicators for performance measurement is called ?
A. Proactive approach
B. Reactive approach
C. Retroactive approach
D. Retrospective approach
KEY B
Justification
The approach of using lag indicators for performance measurement is called Reactive
approach. Hence, the answer at Option B is the correct one.
569. Where is the Capability Maturity framework of Performance Management Systems
generally used?
A. Hardware Development Company
B. Research & Development institution
C. Software Development Company
D. Educational institutions
KEY C
Justification
The Capability Maturity framework of Performance Management Systems is generally
used in the software development companies. . Hence, the answer at Option C is the
correct one.
570. Mr Johnson has just taken charge as Head of a fledgling educational institution
which has not had a good track record. He feels that he has his task cut out for
him he needs to focus more on the lead parameters rather than lag indicators so
that he can create sustainable results. Which of the following would be an
example of lead indicators ?
A. Number of passes by students in the Matriculation examination
B. Number of all-India rank holders from the school in the Matriculation examination
C. Number of failures in the Matriculation examination

226
Governance and Management of Enterprise Information Technology, Risk …

D. Number of hours of refresher courses attended by teachers


KEY D
Justification
The correct answer would obviously be the number of hours of refresher courses.
Hence, the answer at Option D is the correct one.
571. In Governance, value creation happens through Benefits Realisation, Risk
optimization & Resource Optimization decisions taking into account _________
A. All Stakeholders’ needs
B. All Shareholders’ needs
C. Organizational goals
D. Organizational vision, mission
KEY A
Justification
In Governance, all stakeholders’ needs should be taken into account while taking
decisions related to benefits realization, risk optimization & resource Optimization.
Hence, the answer at Option A is the correct one.
572. Which framework specifically enables users to relate their enterprise’s current
business & IT environment to specific objectives & relevant processes ?
A. Quality management system
B. Six Sigma approach
C. COBIT 5 framework
D. Blue Ocean framework
KEY C
Justification
While many frameworks may address such linkages generically, the advantage of
COBIT 5 is that it specifically enables users to relate their enterprise’s current business
and IT environment to specific objectives and relevant processes. Hence, the answer at
Option C is the correct one.
573. The Balanced Score Card is an invaluable management tool that helps translate
strategy into action and also for ________________
A. Balancing share holders needs with employee needs
B. Bringing non-financial indicators into better focus

227
DISA Review Questions, Answers Manual

C. Balancing needs of multiple functions within an organization


D. Balancing lead and lag indicators
KEY B
Justification
As brought out in Option B above, one of the major advantages of the Balanced score
card mechanism is its ability to focus on non-financial indicators too, thus bringing in a
balance between financial & non-financial parameters. The answers in other Options
are incorrect.
574. The Balanced Score Card is designed to ensure that performance metrics and
strategic themes are balanced with financial & non-financial, operational &
financial, lead & lag indicators. Financial, Customer & Internal Business process
perspectives are three of the four perspectives of BSC. The fourth perspective is
_________________.
A. Learning & Growth
B. Shareholders versus Employees
C. Short term versus Long term
D. Lead and lag indicators
KEY A
Justification
As brought out in Option A above, the fourth perspective of BSC is Learning & Growth.
The answers in Options B to D are incorrect.
575. The Balanced Score Card ____________
A. Is meant for the use of only the senior level executives
B. Cannot be linked to the IT goals & objectives
C. Cannot be the basis for performance incentives
D. Can be cascaded down to all levels of the organization
KEY D
Justification
As brought out in Option D above, the BSC can, indeed, be cascaded down to all the
levels of organization. The answers in other options are incorrect.

228
Governance and Management of Enterprise Information Technology, Risk …

576. What is the most important aspect of the CIMA Strategic Score Card approach ?
A. Focuses exclusively on strategy matters
B. Focuses exclusively on IT governance & strategy aspects
C. Addresses conformance as well as performance, focussing on strategic issues
D. Unlike the Balanced Score card, it focuses on lead indicators alone
KEY C
Justification
The CIMA Strategic Score Card approach addresses both conformance as well as
performance, focussing on strategic issues. The answers in other options are incorrect.
577. Strategic position, Strategic options and Strategic implementation are three of the
four basic elements of the CIMA Strategic Score card. What is the fourth
element ?
A. Strategic Risks
B. Strategic Conformance
C. Strategic Performance
D. Strategic IT
KEY A
Justification
The fourth element of the CIMA Strategic Score Card approach is Strategic Risks. The
answers in Options B to D are incorrect.
578. What is fundamental to the Capability Maturity Model Integration (CMMI) ?
A. Used universally, except in the I.T. industry
B. Is superior to COBIT 5 which does not have process capability
C. It is a process improvement approach
D. Focuses on internal process alone
KEY C
Justification
The CMMI model is a process improvement approach & is a preferred model for the IT
industry. COBIT 5, too, has process capability built in. CMMI addresses all processes.
Hence, answer at Option C above alone is correct.

229
DISA Review Questions, Answers Manual

579. What is the essence of Total Quality Management strategy ?


A. Focus exclusively on products & services rather than processes
B. Producing best quality products
C. Focus on exclusively on processes as a means to an end
D. Achieving long term success through customer satisfaction
KEY D
Justification
TQM strategy aims at achieving long term success through customer satisfaction. It
aims to do this through quality management at all levels, improving products, services,
processes as also culture. Hence, answer at Option D above alone is correct.
580. State True or False. The guidelines for specific processes and procedures in
COBIT 5 have been designed robustly with the latest best practices incorporated.
While implementing the framework, these processes / procedures need to be kept
intact and not tweaked or tinkered with.
A. FALSE
B. TRUE
KEY A
Justification
The design of processes and procedures suggested in COBIT 5 need to be tailored
appropriately to suit the needs of the enterprise’s culture, management style & IT
environment. The recommended best practices, too, should be adapted to suit the
particular enterprise where it is being implemented. Hence, the statement in the Stem is
incorrect and the answer at Option A is correct.
581. One of the primary reasons for implementing Governance of Enterprise IT (GEIT)
is to alleviate pain points in the organization. Another major reason is
______________
A. Ensure up-to-date technology
B. Trigger events like merger/acquisition, new regulations, etc.
C. Achieve stake holder satisfaction
D. Higher vulnerability of IT compared to other functions

230
Governance and Management of Enterprise Information Technology, Risk …

KEY B
Justification
The other major reasons for implementing GEIT are trigger events which create
changes in the environment. Answers in Options A and C may also be factually true but
are not necessarily major reasons for implementing GEIT. Answer in Option D is not
correct.
Hence, the answer at Option B is correct.
582. Which one of the following could be a Critical Success factor in GEIT
implementation ?
A. The project is handled exclusively & in isolation to day-to-day business
B. Execution authority & responsibility is retained at the highest levels
C. Top management provides direction and mandate
D. Trigger events like merger/acquisition, new regulations, etc.
KEY C
Justification
One of the critical success factors above is the need for top management to provide
direction and mandate for the project, as indicated in Option C. Integration of the project
with day-to-business is essential for the success of the project contrary to what is stated
in Option B. Similarly, authority & responsibility have to be cascaded down to the level
at which project implementation happens, ideally at the level of an anchor person.
Trigger events may precipitate the implementation of GEIT but cannot be critical
success factors. Hence, the answer at Option C is correct
583. Which one of the following could be a Critical Success factor in GEIT
implementation ?
A. Trigger events like merger/acquisition, new regulations, etc.
B. The project is handled exclusively & in isolation to day-to-day business
C. Focus on quick wins to demonstrate benefit & build confidence
D. Execution authority & responsibility is retained at the highest levels
KEY C
Justification
Early successes help instil confidence in the initiative & stimulate co-operation, as
indicated in Option C. Trigger events may precipitate the implementation of GEIT but
cannot be critical success factors. Integration of the project with day-to-business is

231

You might also like