Looking For Real Exam Questions For IT Certification Exams!
Looking For Real Exam Questions For IT Certification Exams!
Looking For Real Exam Questions For IT Certification Exams!
We guarantee you can pass any IT certification exam at your first attempt with just 10-12
hours study of our guides.
Our study guides contain actual exam questions; accurate answers with detailed explanation
verified by experts and all graphics and drag-n-drop exhibits shown just as on the real test.
To test the quality of our guides, you can download the one-fourth portion of any guide from
http://www.certificationking.com absolutely free. You can also download the guides for retired
exams that you might have taken in the past.
For other payment options and any further query, feel free to mail us at
info@certificationking.com
Isaca CGEIT : Practice Test
Topic 1, Volume A
Question No : 1 - (Topic 1)
You are the project manager of the NHQ project for your company. You are working with
your project team to complete a risk audit. A recent issue that your project team responded
to, and management approved, was to increase the project schedule because there was
risk surrounding the installation time of a new material. Your logic was that with the
expanded schedule there would be time to complete the installation without affecting
downstream project activities. What type of risk response is being audited in this scenario?
A. Avoidance
B. Mitigation
C. Parkinson's Law
D. Lag Time
Answer: A
Question No : 2 - (Topic 1)
You are the project manager for your organization. You are preparing for the quantitative
risk analysis. Mark, a project team member, wants to know why you need to do quantitative
risk analysis when you just completed qualitative risk analysis. Which one of the following
statements best defines what quantitative risk analysis is?
A. Quantitative risk analysis is the process of prioritizing risks for further analysis or action
by assessing and combining their probability of occurrence and impact.
B. Quantitative risk analysis is the planning and quantification of risk responses based on
probability and impact of each risk event.
C. Quantitative risk analysis is the review of the risk events with the high probability and the
highest impact on the project objectives.
D. Quantitative risk analysis is the process of numerically analyzing the effect of identified
risks on overall project objectives.
Answer: D
Question No : 3 - (Topic 1)
Your project spans the entire organization. You would like to assess the risk of the project
www.CertificationKing.com 2
Isaca CGEIT : Practice Test
but are worried that some of the managers involved in the project could affect the outcome
of any risk identification meeting. Your worry is based on the fact that some employees
would not want to publicly identify risk events that could make their supervisors look bad.
You would like a method that would allow participants to anonymously identify risk events.
What risk identification method could you use?
A. Delphi technique
B. Isolated pilot groups
C. SWOT analysis
D. Root cause analysis
Answer: A
________is also referred to as corporate governance, and covers issues such as board
structures, roles and executive remuneration.
Answer: Conformance
Question No : 6 - (Topic 1)
www.CertificationKing.com 3
Isaca CGEIT : Practice Test
C. Strategic Planning
D. Strategic Service Assessment
E. Service Strategy Definition
Answer: B
Question No : 7 - (Topic 1)
Mary is the business analyst for your organization. She asks you what the purpose of the
assess capability gaps task is. Which of the following is the best response to give Mary?
A. It identifies the causal factors that are contributing to an effect the solution will solve.
B. It identifies new capabilities required by the organization to meet the business need.
C. It describes the ends that the organization wants to improve.
D. It identifies the skill gaps in the existing resources.
Answer: B
Question No : 8 - (Topic 1)
Which of the following are the roles of a CEO in the Resource management framework?
Each correct answer represents a complete solution. Choose all that apply.
Answer: A,B,D
_________is the study of how the variation (uncertainty) in the output of a mathematical
model can be apportioned, qualitatively or quantitatively, to different sources of variation in
the input of a model
www.CertificationKing.com 4
Isaca CGEIT : Practice Test
Answer: Sensitivity analysis
Question No : 10 - (Topic 1)
Which of the following is a process that occurs due to mergers, outsourcing or changing
business needs?
A. Voluntary exit
B. Plant closing
C. Involuntary exit
D. Outplacement
Answer: C
Fill in the blank with the appropriate word. An ___________ is a resource, process,
product, computing infrastructure, and so forth that an organization has determined must
be protected.
Answer: asset
Question No : 12 - (Topic 1)
You work as a project manager for TYU project. You are planning for risk mitigation.
You need to identify the risks that will need a more in-depth analysis. Which of the following
activities will help you in this?
Answer: C
www.CertificationKing.com 5
Isaca CGEIT : Practice Test
Question No : 13 - (Topic 1)
An organization supports both programs and projects for various industries. What is a
portfolio?
A. A portfolio describes all of the monies that are invested in the organization.
B. A portfolio is the total amount of funds that have been invested in programs, projects,
and operations.
C. A portfolio describes any project or program within one industry or application area.
D. A portfolio describes the organization of related projects, programs, and operations.
Answer: D
Question No : 14 - (Topic 1)
Your organization mainly focuses on the production of bicycles for selling it around the
world. In addition to this, the organization also produces scooters. Management wants to
restrict its line of production to bicycles. Therefore, it decides to sell the scooter production
department to another competitor. Which of the following terms best describes the sale of
the scooter production department to your competitor?
A. Corporate restructure
B. Divestiture
C. Rightsizing
D. Outsourcing
Answer: B
Question No : 15 - (Topic 1)
You are the business analyst for your organization and are preparing to conduct
stakeholder analysis. As part of this process you realize that you'll need several inputs.
Which one of the following is NOT an input you'll use for the conduct stakeholder analysis
task?
www.CertificationKing.com 6
Isaca CGEIT : Practice Test
B. Enterprise architecture
C. Business need
D. Enterprise environmental factors
Answer: D
Question No : 16 - (Topic 1)
Which of the following is the process of comparing the business processes and
performance metrics including cost, cycle time, productivity, or quality?
A. Agreement
B. COBIT
C. Service Improvement Plan
D. Benchmarking
Answer: D
Question No : 17 - (Topic 1)
You are the project manager of a large project that will last four years. In this project, you
would like to model the risk based on its distribution, impact, and other factors.
There are three modeling techniques that a project manager can use to include both event-
oriented and project oriented analysis. Which modeling technique does NOT provide event-
oriented and project oriented analysis for identified risks?
Answer: D
Question No : 18 - (Topic 1)
www.CertificationKing.com 7
Isaca CGEIT : Practice Test
"This is the process of numerically analyzing the effect of identified risks on overall project
objectives."
A. Identify Risks
B. Perform Qualitative Risk Analysis
C. Perform Quantitative Risk Analysis
D. Monitor and Control Risks
Answer: C
Question No : 19 - (Topic 1)
Which of the following guidelines for performing benchmarking identifies the critical
processes and creates measurement techniques to grade the process?
A. Research
B. Adapt
C. Plan
D. Improve
Answer: C
Question No : 20 - (Topic 1)
Jenny is the project manager for the NBT projects. She is working with the project team
and several subject matter experts to perform the quantitative risk analysis process.
During this process she and the project team uncover several risks events that were not
previously identified. What should Jenny do with these risk events?
Answer: B
www.CertificationKing.com 8
Isaca CGEIT : Practice Test
Question No : 21 - (Topic 1)
Beth is a project team member on the JHG Project. Beth has added extra features to the
project and this has introduced new risks to the project work. The project manager of the
JHG project elects to remove the features Beth has added. The process of removing the
extra features to remove the risks is called what?
A. Corrective action
B. Preventive action
C. Scope creep
D. Defect repair
Answer: B
Question No : 22 - (Topic 1)
Which of the following elements of planning gap measures the gap between the total
potential for the market and the actual current usage by all the consumers in the market?
A. Project gap
B. Competitive gap
C. Usage gap
D. Product gap
Answer: C
Question No : 23 - (Topic 1)
Mark is the project manager of the BFL project for his organization. He and the project
team are creating a probability and impact matrix using RAG rating. There is some
confusion and disagreement among the project team as to how a certain risk is important
and priority for attention should be managed. Where can Mark determine the priority of a
risk given its probability and impact?
www.CertificationKing.com 9
Isaca CGEIT : Practice Test
D. Risk management plan
Answer: B
Question No : 24 - (Topic 1)
Which of the following processes is responsible for low risk, frequently occurring low cost
changes?
A. Incident Management
B. IT Facilities Management
C. Release Management
D. Request Fulfillment
Answer: D
Question No : 25 - (Topic 1)
You are a management consultant. WebTech Inc., an e-commerce organization, hires you
to analyze its SWOT. Which of the following factors will you not consider for the SWOT
analysis?
A. Bandwidth
B. Pricing
C. Product
D. Promotion
Answer: A
Question No : 26 - (Topic 1)
You work as a project manager for BlueWell Inc. You are working on a project and the
management wants a rapid and cost-effective means for establishing priorities for planning
risk responses in your project. Which risk management process can satisfy management's
objective for your project?
A. Quantitative analysis
www.CertificationKing.com 10
Isaca CGEIT : Practice Test
B. Qualitative risk analysis
C. Historical information
D. Rolling wave planning
Answer: B
Question No : 27 - (Topic 1)
You are the project manager for your organization and you are working with Thomas, a
project team member. You and Thomas have been working on a specific risk response for
a probable risk event in the project. Thomas is empowered with a risk response and will
control all aspects of the identified risk response in which a particular risk event will happen
within the project. What title, in regard to risk, is bestowed on Thomas?
A. Risk coordinator
B. Risk expeditor
C. Risk owner
D. Risk team leader
Answer: C
Question No : 28 - (Topic 1)
Answer: C
www.CertificationKing.com 11
Isaca CGEIT : Practice Test
investments, produced by the IT Governance Institute (ITGI). It is a formal statement of
principles and processes for IT portfolio management. Drag and drop the correct domain
('Portfolio management') next to the IT processes defined by Val IT.
Answer:
www.CertificationKing.com 12
Isaca CGEIT : Practice Test
Question No : 30 - (Topic 1)
What are the various phases of the Software Assurance Acquisition process according to
the U.S. Department of Defense (DoD) and Department of Homeland Security (DHS)
Acquisition and Outsourcing Working Group?
Answer: D
Question No : 31 - (Topic 1)
Answer: C
Question No : 32 - (Topic 1)
Which of the following are the main goals of Broadcasting Board of Governors (BBG)'s
strategic plan 2008-2013?Each correct answer represents a complete solution. Choose all
that apply.
Answer: A,B,D
www.CertificationKing.com 13
Isaca CGEIT : Practice Test
Question No : 33 - (Topic 1)
Which of the following types of IT organizational structures states that all IT decision
making and the IT budget are in one place, much easier to manage, and require much less
effort to organize?
A. Decentralized
B. Federated
C. Project-based
D. Centralized
Answer: D
Question No : 34 - (Topic 1)
A. LA
B. VPN
C. NDA
D. SLA
Answer: D
Question No : 35 - (Topic 1)
Which of the following domains of COBIT covers areas such as the execution of the
applications within the IT system and its results as well as the support processes that
enable the effective and efficient execution of these IT systems?
Answer: A
www.CertificationKing.com 14
Isaca CGEIT : Practice Test
Question No : 36 - (Topic 1)
Gary has identified a project risk that could injure project team members. He does not want
to accept any risk where someone could become injured on this project so he hires a
professional vendor to complete this portion of the project work. This workaround to the risk
event is known as what type of risk response?
A. Avoidance
B. Mitigation
C. Acceptance
D. Transference
Answer: D
Question No : 37 - (Topic 1)
Management has asked you to perform a risk audit and report back on the results.
Bonny, a project team member asks you what a risk audit is. What do you tell Bonny?
A. A risk audit is a review of the effectiveness of the risk responses in dealing with
identified risks and their root causes, as well as the effectiveness of the risk management
process.
B. A risk audit is a review of all the risks that have yet to occur and what their probability of
happening are.
C. A risk audit is an audit of all the risks that have occurred in the project and what their
true impact on cost and time has been.
D. A risk audit is a review of all the risk probability and impact for the risks, which are still
present in the project but which have not yet occurred.
Answer: A
Question No : 38 - (Topic 1)
Wendy is the project manager of the FBL project for your company. She has identified
several risks within her project and has created a risk contingency reserve of $45,000 total.
Her project is nearly complete and many of the risks have not happened in the project.
What should Wendy do with the funds in the contingency reserve?
www.CertificationKing.com 15
Isaca CGEIT : Practice Test
A. The funds for the risks that have passed and have not happened are transferred to the
project budget.
B. The funds remain in the contingency reserve until all of the risks have passed.
C. The funds remain in the contingency reserve until the project is closed.
D. The funds for the risks that have passed and have not happened are released.
Answer: D
Question No : 39 - (Topic 1)
Which of the following frameworks defines ERM as a process, effected by an entity's board
of directors, management, and other personnel, applied in strategy setting and across the
enterprise?
A. COBIT
B. COSO ERM framework
C. Casualty Actuarial Society framework
D. Val IT
Answer: B
Question No : 40 - (Topic 1)
The IT strategy formulation process consists of four steps to provide guidance to all who
are involved. Which of the following steps are performed in the IT strategy formulation
process? Each correct answer represents a complete solution. Choose all that apply.
Answer: A,B,D
Question No : 41 - (Topic 1)
www.CertificationKing.com 16
Isaca CGEIT : Practice Test
execution of activities by staff within their control and monitor the consequences arising
from these actions?
Answer: B
Drag and drop the various architecture domains for TOGAF at the appropriate places.
Answer:
www.CertificationKing.com 17
Isaca CGEIT : Practice Test
The Information Technology Infrastructure Library (ITIL) is a set of concepts and policies
for managing information technology (IT) infrastructure, development, and operations. Drag
and drop the ITIL processes that focus on service operation, i.e. operational processes in
Service Support, in the correct places.
Answer:
www.CertificationKing.com 18
Isaca CGEIT : Practice Test
Question No : 44 - (Topic 1)
You are the project manager of the HJK project for your organization. You and the project
team have created risk responses for many of the risk events in the project. A teaming
agreement is an example of what risk response?
A. Mitigation
B. Sharing
C. Transference
D. Acceptance
Answer: B
Question No : 45 - (Topic 1)
Answer: B
www.CertificationKing.com 19
Isaca CGEIT : Practice Test
Question No : 46 - (Topic 1)
In which of the following phases of the SDLC does the software and other components of
the system faithfully incorporate the design specifications and provide proper
documentation and training?
A. Design
B. Initiation
C. Programming and training
D. Evaluation and acceptance
Answer: C
Question No : 47 - (Topic 1)
You are the project manager of a newly formed project to create a new manufacturing
facility. You are working with a business analyst to identify, document, and prioritize
stakeholders' needs for the facility. You'll also need to quantify any subjective terms and
needs to define the project scope. What is this process called?
A. Requirements analysis
B. Project scope statement creation
C. Requirements gathering
D. Stakeholder analysis
Answer: D
Question No : 48 - (Topic 1)
A. Communication
B. Structure
C. Project
D. Process
www.CertificationKing.com 20
Isaca CGEIT : Practice Test
Answer: A,B,D
Question No : 49 - (Topic 1)
Which of the following roles is responsible for review and risk analysis of all contracts on a
regular basis?
Answer: B
Question No : 50 - (Topic 1)
All projects that are presented in your organization must go through a board to review the
return on investment, risk, and worthiness of a project. All projects are considered but not
all projects are initiated. What is the name of the process that this board is completing in
your organization?
Answer: C
Question No : 51 - (Topic 1)
A. Integrated Capability
B. Portfolio Planning Analysis
C. Portfolio What-If Planning
www.CertificationKing.com 21
Isaca CGEIT : Practice Test
D. Portfolio Management
Answer: C
Question No : 52 - (Topic 1)
Fred is the project manager of the PKL project. He is working with his project team to
complete the quantitative risk analysis process as a part of risk management planning.
Fred understands that once the quantitative risk analysis process is complete, the process
will need to be completed again in at least two other times in the project. When will the
quantitative risk analysis process need to be repeated?
A. Quantitative risk analysis process will be completed again after the risk response
planning and as a part of monitoring and controlling.
B. Quantitative risk analysis process will be completed again after the plan risk response
planning and as part of procurement.
C. Quantitative risk analysis process will be completed again after new risks are identified
and as pa of monitoring and controlling.
D. Quantitative risk analysis process will be completed again after the cost management
planning an as a part of monitoring and controlling.
Answer: A
Question No : 53 - (Topic 1)
You work as a project manager for BlueWell Inc. There has been a delay in your project
work that is adversely affecting the project schedule. You decided, with your stakeholders'
approval, to fast track the project work to get the project done faster. When you fast track
the project which of the following are likely to increase?
A. Costs
B. Risks
C. Human resource needs
D. Quality control concerns
Answer: B
Question No : 54 - (Topic 1)
www.CertificationKing.com 22
Isaca CGEIT : Practice Test
Which of the following processes ensures that all vital assets and resources of the
organization are safeguarded?
Answer: D
Question No : 55 - (Topic 1)
In software development, which of the following analysis is used to document the services
and functions that have been accidentally left out, deliberately eliminated or still need to be
developed?
A. Vulnerability analysis
B. Cost-benefit analysis
C. Requirement analysis
D. Gap analysis
Answer: D
Question No : 56 - (Topic 1)
The entry points to Service Strategy are referred to as "the Four Ps". They identify the
different forms a service strategy may take. Which of the following is a correct list of the
'Four Ps'?
Answer: D
Question No : 57 - (Topic 1)
www.CertificationKing.com 23
Isaca CGEIT : Practice Test
Melody is the project manager for her organization. She has created a risk response to
conduct more tests on the software her project is creating. The identified risk that prompted
this response was that the software is mission-critical and must be flawless before it can be
put into product. What type of a risk response has Melody used in this scenario?
A. Transference
B. Enhance
C. Avoidance
D. Mitigation
Answer: D
Question No : 58 - (Topic 1)
Which of the following are the roles of a CIO in the Resource management framework?
Each correct answer represents a complete solution. Choose all that apply.
Answer: A,B,C
Question No : 59 - (Topic 1)
Elizabeth is a project manager for her organization and she finds risk management to be
very difficult for her to manage. She asks you, a lead project manager, at what stage in the
project will risk management become easier. What answer best resolves the difficulty of
risk management practices and the effort required?
Answer: A
www.CertificationKing.com 24
Isaca CGEIT : Practice Test
Question No : 60 - (Topic 1)
Which of the following stages of the Forrester's IT Governance Maturity Model describes
that the IT governance processes are applied across the enterprise where all business
units/entities conform to the same set of IT governance processes, and IT investment
decisions are based on the enterprise view?
A. Stage 3-Consistent
B. Stage 4-Best practices
C. Stage 1-Ad hoc
D. Stage 2-Fragmented
Answer: A
You are the project manager of the AMD project for your organization. In this project, you
are currently performing quantitative risk analysis. The tool and technique you are using is
simulation where the project model is computed many times with the input values chosen
at random for each iteration. The goal is to create a probability distribution from the
iterations for the project schedule. What technique will you use with this simulation?
Question No : 62 - (Topic 1)
Robert is the business analyst for his organization and he's working with several
stakeholders to identify the business need for an opportunity. Robert needs to identify the
stakeholder that will be responsible for authorizing the actions needed in order to meet the
identified business need. Which stakeholder does Robert need to identify?
A. Regulator
B. Implementation Subject Matter Expert
C. Sponsor
www.CertificationKing.com 25
Isaca CGEIT : Practice Test
D. Customer
Answer: C
Question No : 63 - (Topic 1)
Which of the following levels of Gartner's cost optimization framework describes the right
kind of partnership with IT vendors, which can benefit each party in times of economic
upturns?
Answer: C
Question No : 64 - (Topic 1)
A. Brainstorming
B. Scope modeling
C. Interviews
D. Surveys
Answer: D
Question No : 65 - (Topic 1)
Which of the following are parts of SWOT Analysis? Each correct answer represents a
complete solution. Choose all that apply.
A. Optimism
B. Threats
C. Weaknesses
www.CertificationKing.com 26
Isaca CGEIT : Practice Test
D. Opportunities
E. Tools
F. Strengths
Answer: B,C,D,F
Question No : 66 - (Topic 1)
You are the project manager of the NNN project for your company. You and the project
team are working together to plan the risk responses for the project. You feel that the team
has successfully completed the risk response planning and now you must initiate what risk
process it is. Which of the following risk processes is repeated after the plan risk responses
to determine if the overall project risk has been satisfactorily decreased?
Answer: B
Question No : 67 - (Topic 1)
You are the project manager for your company and a new change request has been
approved for your project. This change request, however, has introduced several new risks
to the project. You have communicated these risk events and the project stakeholders
understand the possible effects these risks could have on your project. You elect to create
a mitigation response for the identified risk events. Where will you record the mitigation
response?
A. Risk log
B. Risk management plan
C. Risk register
D. Project management plan
Answer: C
Question No : 68 - (Topic 1)
www.CertificationKing.com 27
Isaca CGEIT : Practice Test
Which positive risk response best describes a teaming agreement?
A. Enhance
B. Exploit
C. Share
D. Venture
Answer: C
Question No : 69 - (Topic 1)
Your project is an agricultural-based project that deals with plant irrigation systems.
You have discovered a byproduct in your project that your organization could use to make
a profit you’re your organization seizes this opportunity it would be an example of what risk
response?
A. Exploiting
B. Positive
C. Opportunistic
D. Enhancing
Answer: A
Question No : 70 - (Topic 1)
Which document refers to the steps that must be taken if there is a major gap in the
projected delivery quality of a service and the actual delivery?
Answer: A
Question No : 71 - (Topic 1)
www.CertificationKing.com 28
Isaca CGEIT : Practice Test
Which of the following responsibilities are performed by the core team of IT governance?
Each correct answer represents a complete solution. Choose all that apply.
Answer: B,C,D
Question No : 72 - (Topic 1)
A. VMM
B. Val IT
C. Risk IT
D. COBIT
Answer: B
Question No : 73 - (Topic 1)
Which of the following roles in Service Design is responsible for delivering a particular
service within the agreed service levels and also acts as the counterpart of the Service
Level Manager when negotiating OLAs?
Answer: C
Question No : 74 - (Topic 1)
www.CertificationKing.com 29
Isaca CGEIT : Practice Test
Harold is the project manager of a large project in his organization. He has been actively
communicating and working with the project stakeholders. One of the outputs of the
manage stakeholder expectations process can actually create new risk events for Harold's
project. Which output of the manage stakeholder expectations process can create risks?
Answer: C
Question No : 75 - (Topic 1)
Which of the following concepts is the business practice of developing and implementing
comprehensive risk management and security practices for a firm's entire value chain?
A. TOGAF
B. TQM
C. BSC
D. TSM
Answer: D
Question No : 76 - (Topic 1)
Answer: A,B,D
www.CertificationKing.com 30
Isaca CGEIT : Practice Test
Question No : 77 - (Topic 1)
Beth is an HR Professional for her organization and she's been alerted by management
that the company will be outsourcing a large portion of operations. This outsourcing will
likely cause several employees to lose employment with the organization. Which of the
following is the best course of action that Beth can take in regard to communicating with
the employees about the outsourcing change?
Answer: A
Question No : 78 - (Topic 1)
Which of the following processes are involved under the COBIT framework? Each correct
answer represents a complete solution. Choose all that apply.
Answer: A,C,D
Question No : 79 - (Topic 1)
Which of the following types of IT organizational structures states that all IT resources are
centralized under a single reporting structure with centralized resource allocation (staffing),
and the organizational structure is built around the resource pools?
A. Federated
B. Centralized
C. Project-based
D. Decentralized
Answer: C
www.CertificationKing.com 31
Isaca CGEIT : Practice Test
Question No : 80 - (Topic 1)
Lisa is the project manager of the SQL project for her company. She has completed the
risk response planning with her project team and is now ready to update the risk register to
reflect the risk response. Which of the following statements best describes the level of
detail Lisa should include with the risk responses she has created?
Answer: B
Question No : 81 - (Topic 1)
Which of the following domains of CGEIT aims to guarantee that the IT enables and
supports the achievement of business objectives through the integration of IT strategic
plans with business strategic plans and the alignment of IT services with enterprise
operations?
A. Risk Management
B. IT Governance Framework
C. Strategic Alignment
D. Value Delivery
Answer: C
Question No : 82 - (Topic 1)
You are the project manager for the ABC organization. Your current project has 75 internal
stakeholders and 245 external stakeholders. Many of the risks within your project will only
affect the internal stakeholders, but several of the identified risk events will affect the
external stakeholders. Management would like to know the total number of communication
channels in the project. How many communication channels exist in this project?
www.CertificationKing.com 32
Isaca CGEIT : Practice Test
A. 245
B. 102,080
C. 51,040
D. 320
Answer: C
Question No : 83 - (Topic 1)
Which of the following is a process improvement approach that provides organizations with
the essential elements for effective process improvement and guides process improvement
across a project, a division, or an entire organization?
Answer: A
Question No : 84 - (Topic 1)
Amy is the project manager for her company. In her current project the organization has a
very low tolerance for risk events that will affect the project schedule. Management has
asked Amy to consider the affect of all the risks on the project schedule. What approach
can Amy take to create a bias against risks that will affect the schedule of the project?
A. She can filter all risks based on their affect on schedule versus other project objectives.
B. She can have the project team pad their time estimates to alleviate delays in the project
schedule
C. She can shift risk-laden activities that affect the project schedule from the critical path as
much a possible.
D. She can create an overall project rating scheme to reflect the bias towards risks that
affect the project schedule.
Answer: D
Question No : 85 - (Topic 1)
www.CertificationKing.com 33
Isaca CGEIT : Practice Test
Della works as a project manager for SoftTech Inc. She is working with the project
stakeholders to begin the quantitative risk analysis process. Which of the following inputs
will be needed for the quantitative risk analysis process in her project? Each correct answer
represents a complete solution. Choose all that apply.
Answer: B,C,D
Question No : 86 - (Topic 1)
Answer: C
Question No : 87 - (Topic 1)
Marsha is the project manager of the NHQ Project. There's a risk that her project team has
identified, which could cause the project to be late by more than a month. Marsha does not
want this risk event to happen so she devises extra project activities to ensure that the risk
event will not happen. The extra steps, however, will cost the project an additional $10,000.
What type of risk response is this approach?
A. Exploiting
B. Transference
C. Mitigation
D. Enhancing
Answer: C
www.CertificationKing.com 34
Isaca CGEIT : Practice Test
Question No : 88 - (Topic 1)
Which of the following frameworks describes a standard for processes within business
information management at the strategy, management and operations level?
A. Val IT
B. BISL
C. COBIT
D. TOGAF
Answer: B
Question No : 89 - (Topic 1)
You are the project manager of a large construction project. You are evaluating the
strengths, weaknesses, opportunities, and threats involved in a project. In which of the
following processes are you on?
A. Define Scope
B. Identify Risks
C. Plan Risk Responses
D. Plan Risk Management
Answer: B
Question No : 90 - (Topic 1)
Which of the following is NOT a valid maturity level of the Software Capability Maturity
Model (CMM)?
A. Repeatable level
B. Managed level
C. Defined level
D. Fundamental level
Answer: D
Question No : 91 - (Topic 1)
www.CertificationKing.com 35
Isaca CGEIT : Practice Test
A project manager must have certain interpersonal skills to communicate with stakeholders
and manage their expectations of the project work. Which of the following interpersonal
skills has been identified as one of the biggest reasons for project success or failure?
A. Motivation
B. Influencing
C. Political and cultural awareness
D. Communication
Answer: D
Question No : 92 - (Topic 1)
TOGAF is based on four pillars, called architecture domains. Which of the following
architecture domains provides a blueprint for the individual application systems to be
deployed, the interactions between the application systems, and their relationships to the
core business processes of the organization with the frameworks for services to be
exposed as business functions for integration?
A. Business architecture
B. Applications architecture
C. Technical architecture
D. Data architecture
Answer: B
Question No : 93 - (Topic 1)
Which of the following external factors complicate the notion of business-IT for achieving
strategic alignment? Each correct answer represents a complete solution.
A. Resource limitations
B. Economic and regulatory changes
C. World region changes and events
D. Market changes
Answer: B,C,D
www.CertificationKing.com 36
Isaca CGEIT : Practice Test
Question No : 94 - (Topic 1)
You are hosting a collection of stakeholders from across the organization to identify the
ideas and attitudes about your company's help desk. You want the stakeholders to
honestly share their opinions about the help desk service so you can identify problems,
solutions, and take actions to improve the service. What type of requirements elicitation
activity is this?
Answer: C
Question No : 95 - (Topic 1)
Which of the following are the main objectives of the Performance measurement domain?
Each correct answer represents a complete solution. Choose all that apply.
Answer: A,C,D
Question No : 96 - (Topic 1)
You work as a project manager for TechSoft Inc. You are working with the project
stakeholders on the qualitative risk analysis process in your project. You have used all the
tools to the qualitative risk analysis process in your project. Which of the following
techniques is NOT used as a tool in qualitative risk analysis process?
www.CertificationKing.com 37
Isaca CGEIT : Practice Test
Answer: C
Question No : 97 - (Topic 1)
Paul has been asked to complete SWOT analysis for his solution scope. What does
Answer: B
Topic 2, Volume B
Question No : 98 - (Topic 2)
You work as a project manager for BlueWell Inc. You are about to complete the
quantitative risk analysis process for your project. You can use three available tools and
techniques to complete this process. Which one of the following is NOT a tool or technique
that is appropriate for the quantitative risk analysis process?
Answer: B
Question No : 99 - (Topic 2)
You work as a project manager for BlueWell Inc. Your project is using a new material to
construct a large warehouse in your city. This new material is cheaper than traditional
building materials, but it takes some time to learn how to use the material properly. You
have communicated to the project stakeholders that you will be able to save costs by using
www.CertificationKing.com 38