Free NIST-COBIT-2019 Exam Braindumps (page: 6)


Which of the following is an input to COBIT Implementation Phase 1: What Are the Drivers?

  A. Risk response document
  B. Current capability rating for selected processes
  C. Program wake-up call

Answer(s): C

Explanation:

A program wake-up call is an input to COBIT Implementation Phase 1: What Are the Drivers?, because it is a trigger event that creates a sense of urgency and a need for change in the organization's governance and management of enterprise I&T [1, 2]. A program wake-up call can be internal or external, positive or negative, such as a major incident, a new regulation, a strategic initiative, or stakeholder feedback [3, 4].


Reference:

1: COBIT 2019 Implementation Guide
2: COBIT 2019 Implementation - ISACA
3: Tips for Implementing COBIT in a Continuously Changing Environment - ISACA
4: 7 Phases of COBIT Implementation: Explained - The Knowledge Academy



Which information should be collected for a Current Profile?

  A. Implementation Status
  B. Recommended Actions
  C. Resource Required

Answer(s): A

Explanation:

The implementation status is the information that should be collected for a Current Profile, because it indicates the degree to which the cybersecurity outcomes defined by the CSF Subcategories are currently being achieved by the organization [1, 2]. The implementation status can be expressed using a four-level scale: Not Performed, Partially Performed, Performed, and Informative Reference Not Applicable [3, 4].


Reference:

1: Cybersecurity Framework Components | NIST
2: Implementing the NIST Cybersecurity Framework Using COBIT 2019 | ISACA
3: Framework Documents | NIST
4: REVIEW OF IMPLEMENTING THE NIST CYBERSECURITY FRAMEWORK USING COBIT 2019.



During Step 3: Create a Current Profile, an enterprise outcome has reached a 95% subcategory maturity level. How would this level of achievement be described in the COBIT Performance Management Rating Scale?

  A. Largely Achieved
  B. Partially Achieved
  C. Fully Achieved

Answer(s): C

Explanation:

According to the COBIT Performance Management Rating Scale, a subcategory maturity level of 95% corresponds to the rating of Fully Achieved, which means that the outcome is achieved above 85% [1, 2]. This indicates that the enterprise has a high degree of capability and maturity in the subcategory, and that the practices and activities are performed consistently and effectively [3, 4].


Reference:

1: Performance Management of Processes - Testprep Training Tutorials
2: COBIT 2019 and COBIT 5 Comparison - ISACA
3: COBIT 2019 Performance Management: Principles and Processes
4: Effective Capability and Maturity Assessment Using COBIT 2019 - ISACA



During CSF implementation, when is an information security manager MOST likely to identify key enterprise and supporting alignment goals as previously understood?

  A. CSF Steps 5: Create a Target Profile and 6: Determine, Analyze, and Prioritize Gaps
  B. CSF Step 1: Prioritize and Scope
  C. CSF Steps 2: Orient and 3: Create a Current Profile

Answer(s): B

Explanation:

This CSF step corresponds to the COBIT objective of knowledge and understanding of enterprise goals, because it involves identifying the business drivers, mission, objectives, and risk appetite of the organization, as well as the scope and boundaries of the cybersecurity program [1, 2]. This step helps to ensure that the cybersecurity activities and outcomes are aligned with the enterprise goals and strategy [3, 4].


Reference:

1: Cybersecurity Framework Components | NIST
2: Implementing the NIST Cybersecurity Framework Using COBIT 2019 | ISACA
3: COBIT 2019 Design and Implementation COBIT Implementation
4: COBIT® 2019 Foundation | Skillsoft Global Knowledge





