What is the role of the internal audit function when defining the EGIT target state?
Correct Answer: A
The internal audit function is an independent and objective assurance and consulting activity that evaluates and improves the effectiveness of governance, risk management, and control processes in an enterprise. The internal audit function has a role in defining the EGIT target state, which is the desired state of information and technology governance in an enterprise that is aligned with its strategy, objectives, and stakeholder needs. The role of the internal audit function in this process is to provide advice and assist with target-state positioning and gap priorities. This means that the internal audit function can help to identify the current state of information and technology governance in an enterprise, assess the gaps and issues that need to be addressed, determine the target state of information and technology governance that is optimal for the enterprise, and prioritize the actions and initiatives that are required to achieve the target state. The internal audit function can also provide assurance on the design and implementation of the EGIT target state by evaluating its adequacy, effectiveness, efficiency, and compliance.References: : COBIT 2019 Implementation Guide, page 51-52 : COBIT 2019 Framework: Introduction and Methodology, page 30-31
Question 117
Which of the following COBIT organizational structure roles fulfills the practice and creates the intended outcome?
Correct Answer: B
Explanation The responsible role fulfills the practice and creates the intended outcome within an organizational structure chart (RACI chart). A RACI chart is a tool that assigns different levels of responsibility, accountability, consultation, and information to roles and organizational structures for each governance and management objective. The responsible role means performing or overseeing a task or process. There can be more than one responsible role for each task or process, but they must be coordinated by the accountable role. The responsible role fulfills the practice and creates the intended outcome by executing or supervising the process activities.13 References: COBIT 2019 Framework: Introduction and Methodology, COBIT 2019 Framework: Roles, Responsibilities & RACI Charts
Question 118
In most cases, management of the enterprise is the responsibility of:
Correct Answer: A
A strategic (enterprise) PMO (sometimes called the office of strategy management) plays a role in linking the organization's projects to its strategic plans.
Question 119
When tailoring the COBIT organization structure to organizational context and priorities, which of the following should be done NEXT after mapping organizational structures with specific responsibility or accountability?
Correct Answer: C
Explanation When tailoring the COBIT organization structure to organizational context and priorities, the next step after mapping organizational structures with specific responsibility or accountability is to add two levels of involvement for consulted and informed. This step helps to identify the stakeholders who need to be involved in the decision-making process, either by providing input or feedback (consulted), or by being notified of the outcomes or actions (informed). This step is based on the COBIT 2019 Implementation Guide2, page 46. References: 2: COBIT 2019 Implementation Guide | Digital | English
Question 120
Which of the following components is important to update in a COBIT RACI chart to align with the enterprise's context, priorities and preferred terminology?
