SlideShare a Scribd company logo

CISA Chapter 2 Excercise.pdf

S
spamfaifai

CISA Chapter 2 excercise, practice, and answer for educational purpose

Education
1 of 75
Download to read offline
CISA Chapter 2 Kelompok 2: Moch. Aqmal Rasyadan Reza Putra - 05211940000026 Ibadurrahman Ziaulhaq - 05211940000052 Ahmad Faiq - 05211940000070 Faros Nabilah Zaim - 05211940000079
1. The Software Engineering Institute’s Capability Maturity Model (CMM) is best described by which of the following options? A. Measurement of resources necessary to ensure a reduction in coding defects B. Documentation of accomplishments achieved during program development C. Relationship of application performance to the user’s stated requirement D. Baseline of the current progress or regression
1. The Software Engineering Institute’s Capability Maturity Model (CMM) is best described by which of the following options? A. Measurement of resources necessary to ensure a reduction in coding defects B. Documentation of accomplishments achieved during program development C. Relationship of application performance to the user’s stated requirement D. Baseline of the current progress or regression
Penjelasan
2. Which of the following options contains the steps for business process reengineering (BPR) in the proper sequence? A. Diagnose, envision, redesign, reconstruct B. Evaluate, envision, redesign, reconstruct, review C. Envision, initiate, diagnose, redesign, reconstruct, evaluate D. Initiate, evaluate, diagnose, reconstruct, review
2. Which of the following options contains the steps for business process reengineering (BPR) in the proper sequence? A. Diagnose, envision, redesign, reconstruct B. Evaluate, envision, redesign, reconstruct, review C. Envision, initiate, diagnose, redesign, reconstruct, evaluate D. Initiate, evaluate, diagnose, reconstruct, review
Penjelasan BPR Application Steps : 1. Envision (Visualize a need) 2. Initiate (Focus on planning the collection ) 3. Diagnose (Reviewing each process to calculate the value it creates) 4. Redesign (Ensure that the strategic objectives are met) 5. Reconstruct (The implementation phase) 6. Evaluate (Monitoring to ensure that it works and is producing the strategic value) Ch.2 p117-118
3. What is the name of the decentralized control method enabling someone to make a decision based on their own options? A. Executive B. Discretionary C. Detailed D. Mandatory
3. What is the name of the decentralized control method enabling someone to make a decision based on their own options? A. Executive B. Discretionary C. Detailed D. Mandatory
3. What is the name of the decentralized control method enabling someone to make a decision based on their own options? A. Executive B. Discretionary C. Detailed D. Mandatory Ch.2 p108
4. What would be the area of greatest interest during an audit of a business process reengineering (BPR) project? A. The steering committee approves sufficient controls for fraud detection. B. Planning methods include Program Evaluation Review Technique (PERT). C. Risk management planning alignment of the project to business objectives. D. Vendor participation, documentation, installation assistance, and training.
4. What would be the area of greatest interest during an audit of a business process reengineering (BPR) project? A. The steering committee approves sufficient controls for fraud detection. B. Planning methods include Program Evaluation Review Technique (PERT). C. Risk management planning alignment of the project to business objectives. D. Vendor participation, documentation, installation assistance, and training.
Penjelasan The steering committee provides guidance to IT concerning business objectives. A risk management plan must be in use for every BPR project. The purpose of risk management is to determine whether the project can actually fulfill a business objective. The second part of risk management is to determine whether the organization will be able to complete the project and generate the desired results. Frankly, most major disasters are caused by a domino effect of a tiny failure multiplying into numerous failures that become catastrophic. Overall, situations of high risk require a method to ensure that the problem receives adequate consideration and the appropriate level of effort to prevent an unfortunate outcome.
5. What is the correct sequence for benchmark processes in business process reengineering (BPR) projects? A. Plan, research, observe, analyze, adapt, improve B. Research, test, plan, adapt, analyze, improve C. Plan, observe, analyze, improve, test D. Observe, research, analyze, adapt, plan, implement
5. What is the correct sequence for benchmark processes in business process reengineering (BPR) projects? A. Plan, research, observe, analyze, adapt, improve B. Research, test, plan, adapt, analyze, improve C. Plan, observe, analyze, improve, test D. Observe, research, analyze, adapt, plan, implement
Penjelasan
6. The Capability Maturity Model (CMM) contains five levels of achievement. Which of the following options contains three of the levels in proper sequence? A. Initial, Managed, Repeatable B. Initial, Managed, Defined C. Defined, Managed, Optimized D. Managed, Defined, Repeatable
6. The Capability Maturity Model (CMM) contains five levels of achievement. Which of the following options contains three of the levels in proper sequence? A. Initial, Managed, Repeatable B. Initial, Managed, Defined C. Defined, Managed, Optimized D. Managed, Defined, Repeatable
7. The organization’s ___ is focused on exploiting trends forecast in the next three to five years A. Strategy B. Long‐term planning C. Operational plan D. Managerial plan
7. The organization’s ___ is focused on exploiting trends forecast in the next three to five years A. Strategy B. Long‐term planning C. Operational plan D. Managerial plan
Penjelasan Sebuah strategi memberikan jawaban atas “bisnis apa” yang diinginkan organisasi. Strategi ini didasarkan pada perencanaan skenario dan peramalan untuk mengubah struktur, prioritas, lokasi, dan staf organisasi. Ini bisa menghasilkan keputusan untuk membeli, menjual, atau mengkonsolidasikan.
8. Which of these is not the purpose of the ISO 15489 standard for a records management system? A. Define the legal definition of the minimum handling requirements for data records. B. Provide a legal standard of negligence and culpability. C. Eliminate the need for a detailed classification list of each data set. D. Define governance responsibilities during the life cycle of data.
8. Which of these is not the purpose of the ISO 15489 standard for a records management system? A. Define the legal definition of the minimum handling requirements for data records. B. Provide a legal standard of negligence and culpability. C. Eliminate the need for a detailed classification list of each data set. D. Define governance responsibilities during the life cycle of data.
Penjelasan ISO 15489-1:2016 mendefinisikan konsep dan prinsip dari mana pendekatan untuk pembuatan, penangkapan, dan pengelolaan arsip dikembangkan. Bagian ISO 15489 ini menjelaskan konsep dan prinsip yang berkaitan dengan hal-hal berikut: a) catatan, metadata untuk catatan dan sistem catatan; b) kebijakan, tanggung jawab yang diberikan, pemantauan dan pelatihan yang mendukung pengelolaan arsip yang efektif; c) analisis berulang dari konteks bisnis dan identifikasi persyaratan catatan; d) pengendalian catatan; e) proses untuk membuat, menangkap dan mengelola catatan.
9. What is the primary technique for reporting compliance with key requirements in operations? A. Technical recommendations from IT B. Identify business issues and governance objectives C. COBIT performance framework D. Individual elements created from contracts and regulations
9. What is the primary technique for reporting compliance with key requirements in operations? A. Technical recommendations from IT B. Identify business issues and governance objectives C. COBIT performance framework D. Individual elements created from contracts and regulations
Penjelasan Menggunakan compliance matrix poin poin yang telah klien komitmenkan dalam kontrak yang ditandatangani, service-level yang diiklankan, dan poin spesifik dalam peraturan akan menentukan elemen layanan paling penting yang diperlukan untuk mendukung operasi bisnis.
10. Which of these strategies is used in business process reengineering with an incremental approach? A. Bottom‐up B. End‐state C. Unconstrained D. Top‐down
10. Which of these strategies is used in business process reengineering with an incremental approach? A. Bottom‐up B. End‐state C. Unconstrained D. Top‐down
Penjelasan Pendekatan inkremental menggunakan pemodelan bottom-up dari proses yang ada. Fokusnya adalah membuat perubahan bertahap pada proses saat ini dengan mengidentifikasi peluang untuk perbaikan.
11. During the selection of a BPR project, which of the following is the ideal target with the highest return? A. Marginal process B. Nonworking process C. Working process D. Excluded process
11. During the selection of a BPR project, which of the following is the ideal target with the highest return? A. Marginal process B. Nonworking process C. Working process D. Excluded process
Penjelasan
12. Who sets the priorities and objectives of the IT balanced scorecard (BSC)? A. Chief information officer (CIO) B. Chief financial officer (CFO) C. Chief executive officer (CEO) D. IT steering committee
12. Who sets the priorities and objectives of the IT balanced scorecard (BSC)? A. Chief information officer (CIO) B. Chief financial officer (CFO) C. Chief executive officer (CEO) D. IT steering committee
Penjelasan BSC dimaksudkan untuk memberikan pendekatan pemersatu tentang bagaimana CEO mengharapkan proses bisnis untuk berinteraksi di seluruh organisasi. IT BSC adalah bagian dari scorecard perusahaan CEO secara keseluruhan. CEO atau COO akan mengendalikan keputusan untuk menghilangkan pemborosan dan mencegah keputusan yang diarahkan sendiri oleh manajer departemen.
13. Which of the following is not an advantage of a mature project management office (PMO)?? A. Advanced planning assistance B. Master project register C. Coordination of projects across departments D. Independent projects
13. Which of the following is not an advantage of a mature project management office (PMO)?? A. Advanced planning assistance B. Master project register C. Coordination of projects across departments D. Independent projects
Penjelasan A. Within a mature PMO will be a pool of technical specialists, these specialists will know how to run advanced project‐planning software. B. Mature PMOs have a master project register of all projects that consume more than 40 hours of resources in the organization C. D. Independent Projects run contrary to PMO in that that they are “independent”
14. Which of the following business process reengineering (BPR) risks are likely to occur during the design phase? A. Transition risk, skill risk, financial risk B. Management risk, technical risk, HR risk C. Technical risk, detection risk, audit risk D. Scope risk, skill risk, political risk
14. Which of the following business process reengineering (BPR) risks are likely to occur during the design phase? A. Transition risk, skill risk, financial risk B. Management risk, technical risk, HR risk C. Technical risk, detection risk, audit risk D. Scope risk, skill risk, political risk
Penjelasan A. Transition risk ada pada fase implementasi B. Management risk ada pada fase operasi C. Tidak berhubungan secara langsung dengan fase desain D. Scope risk ( Serious problems will arise if the scope is improperly defined), skill risk, political risk (Sabotage is always possible from people fearing a loss of power or resistant to change)
15. What is the primary purpose of recurring employee drug screening and recurring criminal background checks? A. Determine if a person is eligible to work B. Prevent individuals from violating the law C. Enforce minimum governance controls for all employees D. Monitor for changes in employee behavior
15. What is the primary purpose of recurring employee drug screening and recurring criminal background checks? A. Determine if a person is eligible to work B. Prevent individuals from violating the law C. Enforce minimum governance controls for all employees D. Monitor for changes in employee behavior
Penjelasan Tujuan utama dari pengecekan narkotika dan catatan kriminal adalah untuk memenuhi syarat untuk bekerja dan mereka masih memenuhi syarat untuk tetap dalam pekerjaan mereka, sedangkan jawaban lain merupakan pengawasan secara lanjut, bukan tujuan utama
16. Which of the following statements is not true concerning the use of a records management system? A. Provides a list of each data file to be protected B. Is not necessary for evidence of proper record keeping C. Contains meta‐data describing acceptable and unacceptable handling procedures D. Details the foundation of all security control decisions determined by management
16. Which of the following statements is not true concerning the use of a records management system? A. Provides a list of each data file to be protected B. Is not necessary for evidence of proper record keeping C. Contains meta‐data describing acceptable and unacceptable handling procedures D. Details the foundation of all security control decisions determined by management
Penjelasan A. Complete RMS listing of each controlled data set currently under protection. B. The absence of a records management system (RMS) indicates that a governance control failure is present or has occurred. C&D. ISO 15489–based records management system (RMS) using well‐documented administrative policies and procedures
17. Which type of charge‐back scheme is notorious for violating separation of duties or for attempting to exceed authority? A. Sponsor pays B. Actual usage billing C. Charge‐back D. Budgeted cost
17. Which type of charge‐back scheme is notorious for violating separation of duties or for attempting to exceed authority? A. Sponsor pays B. Actual usage billing C. Charge‐back D. Budgeted cost
Penjelasan A. In exchange for funding the project, the sponsor may demand more authority over decisions. This method is notorious for creating shadow support organizations. B. Mainframe charge‐back schemes are particularly effective for usage billing C. Individual departments receive a direct charge for system use. This is designed to be a pay‐as‐you‐go style of accounting for IT expenses.
18. Why is change control considered a governance issue? A. Proper implementation of change control reduces the need for separate test and production systems. B. Change control increases the trust factor. C. It allows management to save time by granting more authority to administrators. D. It forces separation of duties to ensure that at least two people agree with the decision.
18. Why is change control considered a governance issue? A. Proper implementation of change control reduces the need for separate test and production systems. B. Change control increases the trust factor. C. It allows management to save time by granting more authority to administrators. D. It forces separation of duties to ensure that at least two people agree with the decision. The purpose is to reduce questionable decisions.
Penjelasan A. Separate test and production systems ada pada level manajemen bukan governance B. tidak berpengaruh secara langsung terhadap level pemegang keputusan tertinggi C. Change control membatasi autoritas admin D. It forces separation of duties to ensure that at least two people agree with the decision.
19. What is the advantage of using precedence diagram analysis during projects for business process reengineering (BPR)? A. It charts a detailed sequence of individual activities. B. It shows the ripple effect of changes. C. It is used to perform root cause analysis. D. It enables the use of decision tree reporting
19. What is the advantage of using precedence diagram analysis during projects for business process reengineering (BPR)? A. It charts a detailed sequence of individual activities. B. It shows the ripple effect of changes. C. It is used to perform root cause analysis. D. It enables the use of decision tree reporting
Penjelasan Precedence diagram analysis menunjukkan ripple effect dari perubahan dan menyediakan jalur kritis untuk menggambarkan tugas spesifik minimum yang diperlukan untuk menyelesaikan tujuan proyek. Teknik CPM merupakan tools yang berharga untuk menunjukkan apa yang harus dicapai versus apa yang diminta. Tugas ketergantungan tinggi dapat dilakukan, sementara tugas ketergantungan rendah dapat dibatalkan dari proyek.
20. Which statement about the Capability Maturity Model is not true? A. Level 3 provides quantitative measurement of the process output. B. Level 3 processes have published objectives, measurements, and standards that are in effect across departmental boundaries. C. Level 5 provides maximum control in outsourcing because the definition of requirements is very specific. D. Level 5 maturity converts a product into a commodity and allows a company to pay less and demand unquestionable adherence to management’s authority.
20. Which statement about the Capability Maturity Model is not true? A. Level 3 provides quantitative measurement of the process output. B. Level 3 processes have published objectives, measurements, and standards that are in effect across departmental boundaries. C. Level 5 provides maximum control in outsourcing because the definition of requirements is very specific. D. Level 5 maturity converts a product into a commodity and allows a company to pay less and demand unquestionable adherence to management’s authority.
Penjelasan Pengukuran kualitatif (berbasis opini) terjadi pada level 3, dan pengukuran kuantitatif (berbasis penghitungan) berada pada level 4. Level 5 secara efektif mengubah produk menjadi komoditas dengan maksud untuk memanfaatkan setiap persen dari peningkatan. Semua pekerja dianggap hanya melakukan apa yang diperintahkan dan tidak memiliki wewenang. Pada level 5, perusahaan memiliki kendali paling besar dan dapat memutuskan untuk melakukan outsourcing dengan pekerja bergaji lebih rendah.
21. Which of the following statements has the best correlation to the definition of strategy? A. Defines the techniques to be used in support of the business objective B. Defines the necessary procedures to accomplish the goal C. Defines guidelines to follow in a recipe for success D. Defines what business an organization is in for the next three years
21. Which of the following statements has the best correlation to the definition of strategy? A. Defines the techniques to be used in support of the business objective B. Defines the necessary procedures to accomplish the goal C. Defines guidelines to follow in a recipe for success D. Defines what business an organization is in for the next three years
Penjelasan Strategi mendefinisikan bisnis utama perusahaan untuk 3 sampai 5 tahun ke depan. Dengan menggunakan informasi ini, perusahaan dapat mengembangkan atau mengadopsi standar pendukung dan kemudian membuat prosedur tingkat rendah untuk mencapai tujuan strategis.
22. Which of the following is not considered a control failure? A. Using a policy that lacks a detective mechanism to identify violations B. Modifying an ineffective procedure outside of change control C. Testing to discover how many policy violations have occurred D. Implementing a policy or standard without consequences of failure
22. Which of the following is not considered a control failure? A. Using a policy that lacks a detective mechanism to identify violations B. Modifying an ineffective procedure outside of change control C. Testing to discover how many policy violations have occurred D. Implementing a policy or standard without consequences of failure
Penjelasan Semua opsi yang tersedia kecuali opsi C yaitu testing menunjukkan bahwa ada kegagalan kontrol. Kontrol efektif minimum harus mencakup tindakan pencegahan, detektif, dan korektif
23. Which of the following is not cited in the text as a reason that balanced scorecard (BSC) implementations could fail? A. Politics of losing the department budget B. Top management providing full support C. Lack of BSC training and awareness D. Empire building by the department head
23. Which of the following is not cited in the text as a reason that balanced scorecard (BSC) implementations could fail? A. Politics of losing the department budget B. Top management providing full support C. Lack of BSC training and awareness D. Empire building by the department head
Penjelasan Tujuan utama menggunakan BSC adalah untuk memastikan bahwa setiap orang di bawah manajemen CEO, COO, dan CFO memahami arahan terpadu utama. BSC dirancang untuk menghindari monopoli oleh kepala divisi, wakil presiden, dan direktur tingkat departemen. Deliverables nomor satu adalah memotong pemborosan dengan menghilangkan keputusan yang diarahkan sendiri di bawah level C dan mengembalikan kendali ke CEO atau eksekutif tertinggi.
24. A shadow organization refers to two groups performing similar functions under different departments. What does the presence of a shadow organization indicate? A. Twice the support coverage B. A relationship of trust and proper delegation of authority C. Executive distrust or failure to integrate D. A sponsor who is cooperating as a team player with separation of duties
24. A shadow organization refers to two groups performing similar functions under different departments. What does the presence of a shadow organization indicate? A. Twice the support coverage B. A relationship of trust and proper delegation of authority C. Executive distrust or failure to integrate D. A sponsor who is cooperating as a team player with separation of duties
Penjelasan Organisasi bayangan menunjukkan kegagalan integrasi yang disebabkan oleh ketidakpercayaan eksekutif atau konflik serupa. Hal ini menciptakan konflik tambahan dengan skala yang tidak efisien. Masalah termasuk strategi yang saling bertentangan dan sponsor melanggar pemisahan tugas atau melebihi otoritas normal mereka. Organisasi bayangan dikenal karena duplikasi usaha, menciptakan biaya gabungan yang tinggi bagi organisasi.
25. Which of the following statements is true concerning the steering committee? A. Steering committee membership is composed of directors from each department. B. The steering committee focuses the agenda on IT issues. C. Absence of a formal charter indicates a lack of controls. D. The steering committee conducts formal management oversight reviews.
25. Which of the following statements is true concerning the steering committee? A. Steering committee membership is composed of directors from each department. B. The steering committee focuses the agenda on IT issues. C. Absence of a formal charter indicates a lack of controls. D. The steering committee conducts formal management oversight reviews.
Penjelasan Komite pengarah harus disahkan oleh piagam formal. Kurangnya komite pengarah menunjukkan bahwa TI tidak diatur oleh keselarasan formal dengan tujuan bisnis. Investasi teknologi tidak dikelola dengan baik karena portofolio investasi harus dikelola. Tujuan dari komite pengarah adalah untuk menyampaikan masalah bisnis yang harus dipertimbangkan dan tujuan yang harus dipenuhi oleh TI. Keanggotaan individu dalam komite pengarah harus ditunjuk secara resmi.

Recommended

Q 1-4
Q 1-4Q 1-4
Q 1-4nilesh_2188
 
Introduction to service management quizes
Introduction to service management quizesIntroduction to service management quizes
Introduction to service management quizesnuwulang
 
A Multicriteria Model for Strategic Implementation of Business Process Manage...
A Multicriteria Model for Strategic Implementation of Business Process Manage...A Multicriteria Model for Strategic Implementation of Business Process Manage...
A Multicriteria Model for Strategic Implementation of Business Process Manage...CONFENIS 2012
 
Test Bank for Managing Operations Across the Supply Chain 2nd Edition by Swink
Test Bank for Managing Operations Across the Supply Chain 2nd Edition by SwinkTest Bank for Managing Operations Across the Supply Chain 2nd Edition by Swink
Test Bank for Managing Operations Across the Supply Chain 2nd Edition by Swinkriven012
 
Sqa 2 marks
Sqa 2 marksSqa 2 marks
Sqa 2 marksAruna Thillai
 
SEM 4 OM SUMMER 2014 ASSIGNMENTS
SEM 4 OM SUMMER 2014 ASSIGNMENTSSEM 4 OM SUMMER 2014 ASSIGNMENTS
SEM 4 OM SUMMER 2014 ASSIGNMENTSsolved_assignments
 
APMP More MC Questions
APMP More MC QuestionsAPMP More MC Questions
APMP More MC QuestionsMonica Waters
 
Project management
Project managementProject management
Project managementRohit Mishra
 

Recommended

Q 1-4
Q 1-4Q 1-4
Q 1-4nilesh_2188
 
Introduction to service management quizes
Introduction to service management quizesIntroduction to service management quizes
Introduction to service management quizesnuwulang
 
A Multicriteria Model for Strategic Implementation of Business Process Manage...
A Multicriteria Model for Strategic Implementation of Business Process Manage...A Multicriteria Model for Strategic Implementation of Business Process Manage...
A Multicriteria Model for Strategic Implementation of Business Process Manage...CONFENIS 2012
 
Test Bank for Managing Operations Across the Supply Chain 2nd Edition by Swink
Test Bank for Managing Operations Across the Supply Chain 2nd Edition by SwinkTest Bank for Managing Operations Across the Supply Chain 2nd Edition by Swink
Test Bank for Managing Operations Across the Supply Chain 2nd Edition by Swinkriven012
 
Sqa 2 marks
Sqa 2 marksSqa 2 marks
Sqa 2 marksAruna Thillai
 
SEM 4 OM SUMMER 2014 ASSIGNMENTS
SEM 4 OM SUMMER 2014 ASSIGNMENTSSEM 4 OM SUMMER 2014 ASSIGNMENTS
SEM 4 OM SUMMER 2014 ASSIGNMENTSsolved_assignments
 
APMP More MC Questions
APMP More MC QuestionsAPMP More MC Questions
APMP More MC QuestionsMonica Waters
 
Project management
Project managementProject management
Project managementRohit Mishra
 
Project management
Project managementProject management
Project managementRohit Mishra
 
Smu mba semester 2
Smu mba semester 2Smu mba semester 2
Smu mba semester 2Rajesh Kumar Singh
 
DISA 3-qbank with exp.docx
DISA 3-qbank with exp.docxDISA 3-qbank with exp.docx
DISA 3-qbank with exp.docxCAVEDPRAKASHPALIWAL
 
DISA 3-qbank with exp.docx
DISA 3-qbank with exp.docxDISA 3-qbank with exp.docx
DISA 3-qbank with exp.docxCAVEDPRAKASHPALIWAL
 
Cmmi Final
Cmmi FinalCmmi Final
Cmmi FinalIndranil Das
 
Presentation by sathish nataraj sundararajan
Presentation by sathish nataraj sundararajanPresentation by sathish nataraj sundararajan
Presentation by sathish nataraj sundararajanPMI_IREP_TP
 
: BPR IMPLEMENTAION AND TOOLS THAT SUPPORT BPR
: BPR IMPLEMENTAION AND TOOLS THAT SUPPORT BPR: BPR IMPLEMENTAION AND TOOLS THAT SUPPORT BPR
: BPR IMPLEMENTAION AND TOOLS THAT SUPPORT BPRPOOJA UDAYAN
 
Modern Maintenance & Reliability Management: Planning and Estimating Workshop...
Modern Maintenance & Reliability Management: Planning and Estimating Workshop...Modern Maintenance & Reliability Management: Planning and Estimating Workshop...
Modern Maintenance & Reliability Management: Planning and Estimating Workshop...Sagar Sangam Sahu
 
Process improvement for General Counsel and Law Firms
Process improvement for General Counsel and Law FirmsProcess improvement for General Counsel and Law Firms
Process improvement for General Counsel and Law FirmsGeorge Dunn
 
Advanced Maintenance Strategy Workshop by Tetrahedron
Advanced Maintenance Strategy Workshop by TetrahedronAdvanced Maintenance Strategy Workshop by Tetrahedron
Advanced Maintenance Strategy Workshop by TetrahedronSagar Sangam Sahu
 
Pmi, Opm3 And Cmmi Assessment Overview
Pmi, Opm3 And Cmmi Assessment OverviewPmi, Opm3 And Cmmi Assessment Overview
Pmi, Opm3 And Cmmi Assessment OverviewAlan McSweeney
 
Addendum 1 to iso presentation
Addendum 1 to iso presentationAddendum 1 to iso presentation
Addendum 1 to iso presentationC P Chandrasekaran
 
Chapter 1 Managing changeQ1 Figure 1.76 shows how bad an imple.docx
Chapter 1 Managing changeQ1 Figure 1.76 shows how bad an imple.docxChapter 1 Managing changeQ1 Figure 1.76 shows how bad an imple.docx
Chapter 1 Managing changeQ1 Figure 1.76 shows how bad an imple.docxtidwellveronique
 
Airport processes improvement
Airport processes improvementAirport processes improvement
Airport processes improvementJatinder Singh
 
NQA ISO 22301 Business Continuity Checklist
NQA ISO 22301 Business Continuity ChecklistNQA ISO 22301 Business Continuity Checklist
NQA ISO 22301 Business Continuity ChecklistNQA
 
Five Step Methodology To Implement Bpr
Five Step Methodology To Implement BprFive Step Methodology To Implement Bpr
Five Step Methodology To Implement BprRoy Antony Arnold G
 
An Application Of Six Sigma DMAIC Methodology In Outsourcing Management Proce...
An Application Of Six Sigma DMAIC Methodology In Outsourcing Management Proce...An Application Of Six Sigma DMAIC Methodology In Outsourcing Management Proce...
An Application Of Six Sigma DMAIC Methodology In Outsourcing Management Proce...Karen Gomez
 
Master the Field with CPIM-SMR Certification Exam A Comprehensive Guide
Master the Field with CPIM-SMR Certification Exam A Comprehensive GuideMaster the Field with CPIM-SMR Certification Exam A Comprehensive Guide
Master the Field with CPIM-SMR Certification Exam A Comprehensive GuideAliza Oscar
 
sample fcitsm paper 4v6a including rationale
sample fcitsm paper 4v6a including rationale sample fcitsm paper 4v6a including rationale
sample fcitsm paper 4v6a including rationaleEr Shuja Abbas
 
Steps to blueprint successful erp projects immortal
Steps to blueprint successful erp projects immortalSteps to blueprint successful erp projects immortal
Steps to blueprint successful erp projects immortalImmortal Technologies
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Maestría en Comunicación Digital Interactiva - UNR
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 

More Related Content

Similar to CISA Chapter 2 Excercise.pdf

Project management
Project managementProject management
Project managementRohit Mishra
 
Presentation by sathish nataraj sundararajan
Presentation by sathish nataraj sundararajanPresentation by sathish nataraj sundararajan
Presentation by sathish nataraj sundararajanPMI_IREP_TP
 
: BPR IMPLEMENTAION AND TOOLS THAT SUPPORT BPR
: BPR IMPLEMENTAION AND TOOLS THAT SUPPORT BPR: BPR IMPLEMENTAION AND TOOLS THAT SUPPORT BPR
: BPR IMPLEMENTAION AND TOOLS THAT SUPPORT BPRPOOJA UDAYAN
 
Modern Maintenance & Reliability Management: Planning and Estimating Workshop...
Modern Maintenance & Reliability Management: Planning and Estimating Workshop...Modern Maintenance & Reliability Management: Planning and Estimating Workshop...
Modern Maintenance & Reliability Management: Planning and Estimating Workshop...Sagar Sangam Sahu
 
Process improvement for General Counsel and Law Firms
Process improvement for General Counsel and Law FirmsProcess improvement for General Counsel and Law Firms
Process improvement for General Counsel and Law FirmsGeorge Dunn
 
Advanced Maintenance Strategy Workshop by Tetrahedron
Advanced Maintenance Strategy Workshop by TetrahedronAdvanced Maintenance Strategy Workshop by Tetrahedron
Advanced Maintenance Strategy Workshop by TetrahedronSagar Sangam Sahu
 
Pmi, Opm3 And Cmmi Assessment Overview
Pmi, Opm3 And Cmmi Assessment OverviewPmi, Opm3 And Cmmi Assessment Overview
Pmi, Opm3 And Cmmi Assessment OverviewAlan McSweeney
 
Addendum 1 to iso presentation
Addendum 1 to iso presentationAddendum 1 to iso presentation
Addendum 1 to iso presentationC P Chandrasekaran
 
Chapter 1 Managing changeQ1 Figure 1.76 shows how bad an imple.docx
Chapter 1 Managing changeQ1 Figure 1.76 shows how bad an imple.docxChapter 1 Managing changeQ1 Figure 1.76 shows how bad an imple.docx
Chapter 1 Managing changeQ1 Figure 1.76 shows how bad an imple.docxtidwellveronique
 
Airport processes improvement
Airport processes improvementAirport processes improvement
Airport processes improvementJatinder Singh
 
NQA ISO 22301 Business Continuity Checklist
NQA ISO 22301 Business Continuity ChecklistNQA ISO 22301 Business Continuity Checklist
NQA ISO 22301 Business Continuity ChecklistNQA
 
Five Step Methodology To Implement Bpr
Five Step Methodology To Implement BprFive Step Methodology To Implement Bpr
Five Step Methodology To Implement BprRoy Antony Arnold G
 
An Application Of Six Sigma DMAIC Methodology In Outsourcing Management Proce...
An Application Of Six Sigma DMAIC Methodology In Outsourcing Management Proce...An Application Of Six Sigma DMAIC Methodology In Outsourcing Management Proce...
An Application Of Six Sigma DMAIC Methodology In Outsourcing Management Proce...Karen Gomez
 
Master the Field with CPIM-SMR Certification Exam A Comprehensive Guide
Master the Field with CPIM-SMR Certification Exam A Comprehensive GuideMaster the Field with CPIM-SMR Certification Exam A Comprehensive Guide
Master the Field with CPIM-SMR Certification Exam A Comprehensive GuideAliza Oscar
 
sample fcitsm paper 4v6a including rationale
sample fcitsm paper 4v6a including rationale sample fcitsm paper 4v6a including rationale
sample fcitsm paper 4v6a including rationaleEr Shuja Abbas
 
Steps to blueprint successful erp projects immortal
Steps to blueprint successful erp projects immortalSteps to blueprint successful erp projects immortal
Steps to blueprint successful erp projects immortalImmortal Technologies
 

Similar to CISA Chapter 2 Excercise.pdf (20)

Project management
Project managementProject management
Project management
 
Smu mba semester 2
Smu mba semester 2Smu mba semester 2
Smu mba semester 2
 
DISA 3-qbank with exp.docx
DISA 3-qbank with exp.docxDISA 3-qbank with exp.docx
DISA 3-qbank with exp.docx
 
DISA 3-qbank with exp.docx
DISA 3-qbank with exp.docxDISA 3-qbank with exp.docx
DISA 3-qbank with exp.docx
 
Cmmi Final
Cmmi FinalCmmi Final
Cmmi Final
 
Presentation by sathish nataraj sundararajan
Presentation by sathish nataraj sundararajanPresentation by sathish nataraj sundararajan
Presentation by sathish nataraj sundararajan
 
: BPR IMPLEMENTAION AND TOOLS THAT SUPPORT BPR
: BPR IMPLEMENTAION AND TOOLS THAT SUPPORT BPR: BPR IMPLEMENTAION AND TOOLS THAT SUPPORT BPR
: BPR IMPLEMENTAION AND TOOLS THAT SUPPORT BPR
 
Modern Maintenance & Reliability Management: Planning and Estimating Workshop...
Modern Maintenance & Reliability Management: Planning and Estimating Workshop...Modern Maintenance & Reliability Management: Planning and Estimating Workshop...
Modern Maintenance & Reliability Management: Planning and Estimating Workshop...
 
Process improvement for General Counsel and Law Firms
Process improvement for General Counsel and Law FirmsProcess improvement for General Counsel and Law Firms
Process improvement for General Counsel and Law Firms
 
Advanced Maintenance Strategy Workshop by Tetrahedron
Advanced Maintenance Strategy Workshop by TetrahedronAdvanced Maintenance Strategy Workshop by Tetrahedron
Advanced Maintenance Strategy Workshop by Tetrahedron
 
Pmi, Opm3 And Cmmi Assessment Overview
Pmi, Opm3 And Cmmi Assessment OverviewPmi, Opm3 And Cmmi Assessment Overview
Pmi, Opm3 And Cmmi Assessment Overview
 
Addendum 1 to iso presentation
Addendum 1 to iso presentationAddendum 1 to iso presentation
Addendum 1 to iso presentation
 
Chapter 1 Managing changeQ1 Figure 1.76 shows how bad an imple.docx
Chapter 1 Managing changeQ1 Figure 1.76 shows how bad an imple.docxChapter 1 Managing changeQ1 Figure 1.76 shows how bad an imple.docx
Chapter 1 Managing changeQ1 Figure 1.76 shows how bad an imple.docx
 
Airport processes improvement
Airport processes improvementAirport processes improvement
Airport processes improvement
 
NQA ISO 22301 Business Continuity Checklist
NQA ISO 22301 Business Continuity ChecklistNQA ISO 22301 Business Continuity Checklist
NQA ISO 22301 Business Continuity Checklist
 
Five Step Methodology To Implement Bpr
Five Step Methodology To Implement BprFive Step Methodology To Implement Bpr
Five Step Methodology To Implement Bpr
 
An Application Of Six Sigma DMAIC Methodology In Outsourcing Management Proce...
An Application Of Six Sigma DMAIC Methodology In Outsourcing Management Proce...An Application Of Six Sigma DMAIC Methodology In Outsourcing Management Proce...
An Application Of Six Sigma DMAIC Methodology In Outsourcing Management Proce...
 
Master the Field with CPIM-SMR Certification Exam A Comprehensive Guide
Master the Field with CPIM-SMR Certification Exam A Comprehensive GuideMaster the Field with CPIM-SMR Certification Exam A Comprehensive Guide
Master the Field with CPIM-SMR Certification Exam A Comprehensive Guide
 
sample fcitsm paper 4v6a including rationale
sample fcitsm paper 4v6a including rationale sample fcitsm paper 4v6a including rationale
sample fcitsm paper 4v6a including rationale
 
Steps to blueprint successful erp projects immortal
Steps to blueprint successful erp projects immortalSteps to blueprint successful erp projects immortal
Steps to blueprint successful erp projects immortal
 

Recently uploaded

Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 

Recently uploaded (20)

Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 

CISA Chapter 2 Excercise.pdf

  • 1. CISA Chapter 2 Kelompok 2: Moch. Aqmal Rasyadan Reza Putra - 05211940000026 Ibadurrahman Ziaulhaq - 05211940000052 Ahmad Faiq - 05211940000070 Faros Nabilah Zaim - 05211940000079
  • 2. 1. The Software Engineering Institute’s Capability Maturity Model (CMM) is best described by which of the following options? A. Measurement of resources necessary to ensure a reduction in coding defects B. Documentation of accomplishments achieved during program development C. Relationship of application performance to the user’s stated requirement D. Baseline of the current progress or regression
  • 3. 1. The Software Engineering Institute’s Capability Maturity Model (CMM) is best described by which of the following options? A. Measurement of resources necessary to ensure a reduction in coding defects B. Documentation of accomplishments achieved during program development C. Relationship of application performance to the user’s stated requirement D. Baseline of the current progress or regression
  • 5. 2. Which of the following options contains the steps for business process reengineering (BPR) in the proper sequence? A. Diagnose, envision, redesign, reconstruct B. Evaluate, envision, redesign, reconstruct, review C. Envision, initiate, diagnose, redesign, reconstruct, evaluate D. Initiate, evaluate, diagnose, reconstruct, review
  • 6. 2. Which of the following options contains the steps for business process reengineering (BPR) in the proper sequence? A. Diagnose, envision, redesign, reconstruct B. Evaluate, envision, redesign, reconstruct, review C. Envision, initiate, diagnose, redesign, reconstruct, evaluate D. Initiate, evaluate, diagnose, reconstruct, review
  • 7. Penjelasan BPR Application Steps : 1. Envision (Visualize a need) 2. Initiate (Focus on planning the collection ) 3. Diagnose (Reviewing each process to calculate the value it creates) 4. Redesign (Ensure that the strategic objectives are met) 5. Reconstruct (The implementation phase) 6. Evaluate (Monitoring to ensure that it works and is producing the strategic value) Ch.2 p117-118
  • 8. 3. What is the name of the decentralized control method enabling someone to make a decision based on their own options? A. Executive B. Discretionary C. Detailed D. Mandatory
  • 9. 3. What is the name of the decentralized control method enabling someone to make a decision based on their own options? A. Executive B. Discretionary C. Detailed D. Mandatory
  • 10. 3. What is the name of the decentralized control method enabling someone to make a decision based on their own options? A. Executive B. Discretionary C. Detailed D. Mandatory Ch.2 p108
  • 11. 4. What would be the area of greatest interest during an audit of a business process reengineering (BPR) project? A. The steering committee approves sufficient controls for fraud detection. B. Planning methods include Program Evaluation Review Technique (PERT). C. Risk management planning alignment of the project to business objectives. D. Vendor participation, documentation, installation assistance, and training.
  • 12. 4. What would be the area of greatest interest during an audit of a business process reengineering (BPR) project? A. The steering committee approves sufficient controls for fraud detection. B. Planning methods include Program Evaluation Review Technique (PERT). C. Risk management planning alignment of the project to business objectives. D. Vendor participation, documentation, installation assistance, and training.
  • 13. Penjelasan The steering committee provides guidance to IT concerning business objectives. A risk management plan must be in use for every BPR project. The purpose of risk management is to determine whether the project can actually fulfill a business objective. The second part of risk management is to determine whether the organization will be able to complete the project and generate the desired results. Frankly, most major disasters are caused by a domino effect of a tiny failure multiplying into numerous failures that become catastrophic. Overall, situations of high risk require a method to ensure that the problem receives adequate consideration and the appropriate level of effort to prevent an unfortunate outcome.
  • 14. 5. What is the correct sequence for benchmark processes in business process reengineering (BPR) projects? A. Plan, research, observe, analyze, adapt, improve B. Research, test, plan, adapt, analyze, improve C. Plan, observe, analyze, improve, test D. Observe, research, analyze, adapt, plan, implement
  • 15. 5. What is the correct sequence for benchmark processes in business process reengineering (BPR) projects? A. Plan, research, observe, analyze, adapt, improve B. Research, test, plan, adapt, analyze, improve C. Plan, observe, analyze, improve, test D. Observe, research, analyze, adapt, plan, implement
  • 17. 6. The Capability Maturity Model (CMM) contains five levels of achievement. Which of the following options contains three of the levels in proper sequence? A. Initial, Managed, Repeatable B. Initial, Managed, Defined C. Defined, Managed, Optimized D. Managed, Defined, Repeatable
  • 18. 6. The Capability Maturity Model (CMM) contains five levels of achievement. Which of the following options contains three of the levels in proper sequence? A. Initial, Managed, Repeatable B. Initial, Managed, Defined C. Defined, Managed, Optimized D. Managed, Defined, Repeatable
  • 19. 7. The organization’s ___ is focused on exploiting trends forecast in the next three to five years A. Strategy B. Long‐term planning C. Operational plan D. Managerial plan
  • 20. 7. The organization’s ___ is focused on exploiting trends forecast in the next three to five years A. Strategy B. Long‐term planning C. Operational plan D. Managerial plan
  • 21. Penjelasan Sebuah strategi memberikan jawaban atas “bisnis apa” yang diinginkan organisasi. Strategi ini didasarkan pada perencanaan skenario dan peramalan untuk mengubah struktur, prioritas, lokasi, dan staf organisasi. Ini bisa menghasilkan keputusan untuk membeli, menjual, atau mengkonsolidasikan.
  • 22. 8. Which of these is not the purpose of the ISO 15489 standard for a records management system? A. Define the legal definition of the minimum handling requirements for data records. B. Provide a legal standard of negligence and culpability. C. Eliminate the need for a detailed classification list of each data set. D. Define governance responsibilities during the life cycle of data.
  • 23. 8. Which of these is not the purpose of the ISO 15489 standard for a records management system? A. Define the legal definition of the minimum handling requirements for data records. B. Provide a legal standard of negligence and culpability. C. Eliminate the need for a detailed classification list of each data set. D. Define governance responsibilities during the life cycle of data.
  • 24. Penjelasan ISO 15489-1:2016 mendefinisikan konsep dan prinsip dari mana pendekatan untuk pembuatan, penangkapan, dan pengelolaan arsip dikembangkan. Bagian ISO 15489 ini menjelaskan konsep dan prinsip yang berkaitan dengan hal-hal berikut: a) catatan, metadata untuk catatan dan sistem catatan; b) kebijakan, tanggung jawab yang diberikan, pemantauan dan pelatihan yang mendukung pengelolaan arsip yang efektif; c) analisis berulang dari konteks bisnis dan identifikasi persyaratan catatan; d) pengendalian catatan; e) proses untuk membuat, menangkap dan mengelola catatan.
  • 25. 9. What is the primary technique for reporting compliance with key requirements in operations? A. Technical recommendations from IT B. Identify business issues and governance objectives C. COBIT performance framework D. Individual elements created from contracts and regulations
  • 26. 9. What is the primary technique for reporting compliance with key requirements in operations? A. Technical recommendations from IT B. Identify business issues and governance objectives C. COBIT performance framework D. Individual elements created from contracts and regulations
  • 27. Penjelasan Menggunakan compliance matrix poin poin yang telah klien komitmenkan dalam kontrak yang ditandatangani, service-level yang diiklankan, dan poin spesifik dalam peraturan akan menentukan elemen layanan paling penting yang diperlukan untuk mendukung operasi bisnis.
  • 28. 10. Which of these strategies is used in business process reengineering with an incremental approach? A. Bottom‐up B. End‐state C. Unconstrained D. Top‐down
  • 29. 10. Which of these strategies is used in business process reengineering with an incremental approach? A. Bottom‐up B. End‐state C. Unconstrained D. Top‐down
  • 30. Penjelasan Pendekatan inkremental menggunakan pemodelan bottom-up dari proses yang ada. Fokusnya adalah membuat perubahan bertahap pada proses saat ini dengan mengidentifikasi peluang untuk perbaikan.
  • 31. 11. During the selection of a BPR project, which of the following is the ideal target with the highest return? A. Marginal process B. Nonworking process C. Working process D. Excluded process
  • 32. 11. During the selection of a BPR project, which of the following is the ideal target with the highest return? A. Marginal process B. Nonworking process C. Working process D. Excluded process
  • 34. 12. Who sets the priorities and objectives of the IT balanced scorecard (BSC)? A. Chief information officer (CIO) B. Chief financial officer (CFO) C. Chief executive officer (CEO) D. IT steering committee
  • 35. 12. Who sets the priorities and objectives of the IT balanced scorecard (BSC)? A. Chief information officer (CIO) B. Chief financial officer (CFO) C. Chief executive officer (CEO) D. IT steering committee
  • 36. Penjelasan BSC dimaksudkan untuk memberikan pendekatan pemersatu tentang bagaimana CEO mengharapkan proses bisnis untuk berinteraksi di seluruh organisasi. IT BSC adalah bagian dari scorecard perusahaan CEO secara keseluruhan. CEO atau COO akan mengendalikan keputusan untuk menghilangkan pemborosan dan mencegah keputusan yang diarahkan sendiri oleh manajer departemen.
  • 37. 13. Which of the following is not an advantage of a mature project management office (PMO)?? A. Advanced planning assistance B. Master project register C. Coordination of projects across departments D. Independent projects
  • 38. 13. Which of the following is not an advantage of a mature project management office (PMO)?? A. Advanced planning assistance B. Master project register C. Coordination of projects across departments D. Independent projects
  • 39. Penjelasan A. Within a mature PMO will be a pool of technical specialists, these specialists will know how to run advanced project‐planning software. B. Mature PMOs have a master project register of all projects that consume more than 40 hours of resources in the organization C. D. Independent Projects run contrary to PMO in that that they are “independent”
  • 40. 14. Which of the following business process reengineering (BPR) risks are likely to occur during the design phase? A. Transition risk, skill risk, financial risk B. Management risk, technical risk, HR risk C. Technical risk, detection risk, audit risk D. Scope risk, skill risk, political risk
  • 41. 14. Which of the following business process reengineering (BPR) risks are likely to occur during the design phase? A. Transition risk, skill risk, financial risk B. Management risk, technical risk, HR risk C. Technical risk, detection risk, audit risk D. Scope risk, skill risk, political risk
  • 42. Penjelasan A. Transition risk ada pada fase implementasi B. Management risk ada pada fase operasi C. Tidak berhubungan secara langsung dengan fase desain D. Scope risk ( Serious problems will arise if the scope is improperly defined), skill risk, political risk (Sabotage is always possible from people fearing a loss of power or resistant to change)
  • 43. 15. What is the primary purpose of recurring employee drug screening and recurring criminal background checks? A. Determine if a person is eligible to work B. Prevent individuals from violating the law C. Enforce minimum governance controls for all employees D. Monitor for changes in employee behavior
  • 44. 15. What is the primary purpose of recurring employee drug screening and recurring criminal background checks? A. Determine if a person is eligible to work B. Prevent individuals from violating the law C. Enforce minimum governance controls for all employees D. Monitor for changes in employee behavior
  • 45. Penjelasan Tujuan utama dari pengecekan narkotika dan catatan kriminal adalah untuk memenuhi syarat untuk bekerja dan mereka masih memenuhi syarat untuk tetap dalam pekerjaan mereka, sedangkan jawaban lain merupakan pengawasan secara lanjut, bukan tujuan utama
  • 46. 16. Which of the following statements is not true concerning the use of a records management system? A. Provides a list of each data file to be protected B. Is not necessary for evidence of proper record keeping C. Contains meta‐data describing acceptable and unacceptable handling procedures D. Details the foundation of all security control decisions determined by management
  • 47. 16. Which of the following statements is not true concerning the use of a records management system? A. Provides a list of each data file to be protected B. Is not necessary for evidence of proper record keeping C. Contains meta‐data describing acceptable and unacceptable handling procedures D. Details the foundation of all security control decisions determined by management
  • 48. Penjelasan A. Complete RMS listing of each controlled data set currently under protection. B. The absence of a records management system (RMS) indicates that a governance control failure is present or has occurred. C&D. ISO 15489–based records management system (RMS) using well‐documented administrative policies and procedures
  • 49. 17. Which type of charge‐back scheme is notorious for violating separation of duties or for attempting to exceed authority? A. Sponsor pays B. Actual usage billing C. Charge‐back D. Budgeted cost
  • 50. 17. Which type of charge‐back scheme is notorious for violating separation of duties or for attempting to exceed authority? A. Sponsor pays B. Actual usage billing C. Charge‐back D. Budgeted cost
  • 51. Penjelasan A. In exchange for funding the project, the sponsor may demand more authority over decisions. This method is notorious for creating shadow support organizations. B. Mainframe charge‐back schemes are particularly effective for usage billing C. Individual departments receive a direct charge for system use. This is designed to be a pay‐as‐you‐go style of accounting for IT expenses.
  • 52. 18. Why is change control considered a governance issue? A. Proper implementation of change control reduces the need for separate test and production systems. B. Change control increases the trust factor. C. It allows management to save time by granting more authority to administrators. D. It forces separation of duties to ensure that at least two people agree with the decision.
  • 53. 18. Why is change control considered a governance issue? A. Proper implementation of change control reduces the need for separate test and production systems. B. Change control increases the trust factor. C. It allows management to save time by granting more authority to administrators. D. It forces separation of duties to ensure that at least two people agree with the decision. The purpose is to reduce questionable decisions.
  • 54. Penjelasan A. Separate test and production systems ada pada level manajemen bukan governance B. tidak berpengaruh secara langsung terhadap level pemegang keputusan tertinggi C. Change control membatasi autoritas admin D. It forces separation of duties to ensure that at least two people agree with the decision.
  • 55. 19. What is the advantage of using precedence diagram analysis during projects for business process reengineering (BPR)? A. It charts a detailed sequence of individual activities. B. It shows the ripple effect of changes. C. It is used to perform root cause analysis. D. It enables the use of decision tree reporting
  • 56. 19. What is the advantage of using precedence diagram analysis during projects for business process reengineering (BPR)? A. It charts a detailed sequence of individual activities. B. It shows the ripple effect of changes. C. It is used to perform root cause analysis. D. It enables the use of decision tree reporting
  • 57. Penjelasan Precedence diagram analysis menunjukkan ripple effect dari perubahan dan menyediakan jalur kritis untuk menggambarkan tugas spesifik minimum yang diperlukan untuk menyelesaikan tujuan proyek. Teknik CPM merupakan tools yang berharga untuk menunjukkan apa yang harus dicapai versus apa yang diminta. Tugas ketergantungan tinggi dapat dilakukan, sementara tugas ketergantungan rendah dapat dibatalkan dari proyek.
  • 58. 20. Which statement about the Capability Maturity Model is not true? A. Level 3 provides quantitative measurement of the process output. B. Level 3 processes have published objectives, measurements, and standards that are in effect across departmental boundaries. C. Level 5 provides maximum control in outsourcing because the definition of requirements is very specific. D. Level 5 maturity converts a product into a commodity and allows a company to pay less and demand unquestionable adherence to management’s authority.
  • 59. 20. Which statement about the Capability Maturity Model is not true? A. Level 3 provides quantitative measurement of the process output. B. Level 3 processes have published objectives, measurements, and standards that are in effect across departmental boundaries. C. Level 5 provides maximum control in outsourcing because the definition of requirements is very specific. D. Level 5 maturity converts a product into a commodity and allows a company to pay less and demand unquestionable adherence to management’s authority.
  • 60. Penjelasan Pengukuran kualitatif (berbasis opini) terjadi pada level 3, dan pengukuran kuantitatif (berbasis penghitungan) berada pada level 4. Level 5 secara efektif mengubah produk menjadi komoditas dengan maksud untuk memanfaatkan setiap persen dari peningkatan. Semua pekerja dianggap hanya melakukan apa yang diperintahkan dan tidak memiliki wewenang. Pada level 5, perusahaan memiliki kendali paling besar dan dapat memutuskan untuk melakukan outsourcing dengan pekerja bergaji lebih rendah.
  • 61. 21. Which of the following statements has the best correlation to the definition of strategy? A. Defines the techniques to be used in support of the business objective B. Defines the necessary procedures to accomplish the goal C. Defines guidelines to follow in a recipe for success D. Defines what business an organization is in for the next three years
  • 62. 21. Which of the following statements has the best correlation to the definition of strategy? A. Defines the techniques to be used in support of the business objective B. Defines the necessary procedures to accomplish the goal C. Defines guidelines to follow in a recipe for success D. Defines what business an organization is in for the next three years
  • 63. Penjelasan Strategi mendefinisikan bisnis utama perusahaan untuk 3 sampai 5 tahun ke depan. Dengan menggunakan informasi ini, perusahaan dapat mengembangkan atau mengadopsi standar pendukung dan kemudian membuat prosedur tingkat rendah untuk mencapai tujuan strategis.
  • 64. 22. Which of the following is not considered a control failure? A. Using a policy that lacks a detective mechanism to identify violations B. Modifying an ineffective procedure outside of change control C. Testing to discover how many policy violations have occurred D. Implementing a policy or standard without consequences of failure
  • 65. 22. Which of the following is not considered a control failure? A. Using a policy that lacks a detective mechanism to identify violations B. Modifying an ineffective procedure outside of change control C. Testing to discover how many policy violations have occurred D. Implementing a policy or standard without consequences of failure
  • 66. Penjelasan Semua opsi yang tersedia kecuali opsi C yaitu testing menunjukkan bahwa ada kegagalan kontrol. Kontrol efektif minimum harus mencakup tindakan pencegahan, detektif, dan korektif
  • 67. 23. Which of the following is not cited in the text as a reason that balanced scorecard (BSC) implementations could fail? A. Politics of losing the department budget B. Top management providing full support C. Lack of BSC training and awareness D. Empire building by the department head
  • 68. 23. Which of the following is not cited in the text as a reason that balanced scorecard (BSC) implementations could fail? A. Politics of losing the department budget B. Top management providing full support C. Lack of BSC training and awareness D. Empire building by the department head
  • 69. Penjelasan Tujuan utama menggunakan BSC adalah untuk memastikan bahwa setiap orang di bawah manajemen CEO, COO, dan CFO memahami arahan terpadu utama. BSC dirancang untuk menghindari monopoli oleh kepala divisi, wakil presiden, dan direktur tingkat departemen. Deliverables nomor satu adalah memotong pemborosan dengan menghilangkan keputusan yang diarahkan sendiri di bawah level C dan mengembalikan kendali ke CEO atau eksekutif tertinggi.
  • 70. 24. A shadow organization refers to two groups performing similar functions under different departments. What does the presence of a shadow organization indicate? A. Twice the support coverage B. A relationship of trust and proper delegation of authority C. Executive distrust or failure to integrate D. A sponsor who is cooperating as a team player with separation of duties
  • 71. 24. A shadow organization refers to two groups performing similar functions under different departments. What does the presence of a shadow organization indicate? A. Twice the support coverage B. A relationship of trust and proper delegation of authority C. Executive distrust or failure to integrate D. A sponsor who is cooperating as a team player with separation of duties
  • 72. Penjelasan Organisasi bayangan menunjukkan kegagalan integrasi yang disebabkan oleh ketidakpercayaan eksekutif atau konflik serupa. Hal ini menciptakan konflik tambahan dengan skala yang tidak efisien. Masalah termasuk strategi yang saling bertentangan dan sponsor melanggar pemisahan tugas atau melebihi otoritas normal mereka. Organisasi bayangan dikenal karena duplikasi usaha, menciptakan biaya gabungan yang tinggi bagi organisasi.
  • 73. 25. Which of the following statements is true concerning the steering committee? A. Steering committee membership is composed of directors from each department. B. The steering committee focuses the agenda on IT issues. C. Absence of a formal charter indicates a lack of controls. D. The steering committee conducts formal management oversight reviews.
  • 74. 25. Which of the following statements is true concerning the steering committee? A. Steering committee membership is composed of directors from each department. B. The steering committee focuses the agenda on IT issues. C. Absence of a formal charter indicates a lack of controls. D. The steering committee conducts formal management oversight reviews.
  • 75. Penjelasan Komite pengarah harus disahkan oleh piagam formal. Kurangnya komite pengarah menunjukkan bahwa TI tidak diatur oleh keselarasan formal dengan tujuan bisnis. Investasi teknologi tidak dikelola dengan baik karena portofolio investasi harus dikelola. Tujuan dari komite pengarah adalah untuk menyampaikan masalah bisnis yang harus dipertimbangkan dan tujuan yang harus dipenuhi oleh TI. Keanggotaan individu dalam komite pengarah harus ditunjuk secara resmi.