ISO-IEC 20000 Foundation Exam Sample Paper - January 2014

The Foundation Examination
Multiple Choice
60 minute Paper
Instructions
1. All 40 questions should be attempted.
2. All answers are to be marked on the answer grid provided.
3. Please use a pencil and NOT ink to mark your answers in the
Answer sheet provided.
4. There is only one correct answer per question.
5. You have 60 minutes to complete this paper.
6. You must score 26 marks or more to pass this examination.
Candidate Number: .....................................
The APM Group Ltd 2014

This paper remains the property of The APM Group (APMG). This document is not to be re-produced or re-sold without
express permission from The APM Group Ltd.
The APMG-International ISO/IEC 20000 and Swirl Device logo is a trade mark of the APM Group Limited. ITIL is a
registered trademark of AXELOS Limited.
Permission to reproduce extracts from BS ISO/IEC 20000 is granted by BSI.
ISO/IEC 200002012-ExamPaper-4001-GBISOFSample1-120120SamplePaper1
ISO/IEC 20000 Foundation Examination
Which statement describes ISO/IEC 20000-1?

a)
It provides guidance on how to implement a service management system
b)
It represents an industry consensus on quality procedures for IT service management

processes
c)
It provides guidance on the demonstration of conformity for the service provider
d)
It is a service management system standard.
What is the relationship between ITIL and ISO/IEC 20000?

a)
ITIL is based on ISO/IEC 20000
b)
ITIL provides best practice advice for IT service management, whereas ISO/IEC 20000 defines
requirements for a service management system
c)
ITIL is a subset of ISO/IEC 20000 Parts 1 and 2
d)
ITIL and ISO/IEC 20000 apply to different parts of a service management system
What is the relationship between ISO/IEC 20000-1, ISO 9001 and ISO/IEC 27001?
a)
An SMS can be integrated with a quality management system based on ISO 9001 or an
information security management system based on ISO/IEC 27001
b)
It is necessary for service providers to be certified against all of them to ensure an effective
service management system
c)
ISO/IEC 20000-1 applies to IT services, whereas ISO 9001 and ISO/IEC 27001 can NOT be
used effectively in an IT service provider organization
d)
ISO 9001 deals mainly with customer complaints about quality, whereas ISO/IEC 20000-1 and
ISO/IEC 27001 are IT focussed

This paper remains the property of The APM Group (APMG).This document is not to be re-produced or re-sold without express permission from The APM Group Ltd.
Which statement describes the primary role of a Registered Certification Body within the
Certification Scheme?
a)
Provides advice and guidance to service providers wishing to implement ISO/IEC 20000-1
b)
Ensures all staff in the IT service management system are trained and certified in ITIL
c)
Assesses the IT service provider against Part 1 of the standard
d)
Engaged by the administrator of the Certification Scheme to report back on all nonconformities found within an IT service provider
Which is an example of the ISO/IEC 20000-1 definition of a record?

a)
The service continuity plan
b)
The capacity plan
c)
A service level agreement
d)
A service report
Which statement describes a service provider in the context of ISO/IEC 20000-1?

a)
The organization which carries out certification audits
b)
The organization receiving the services
c)
The organization giving consultancy advice concerning continual improvement
d)
The organization that manages and delivers services to the customer

What is the common name for the methodology known as

Plan Do Check Act (PDCA)?
a)
The Deming Cycle
b)
The supply chain
c)
The 4 step improvement process
d)
ISO 9001
What is a service improvement policy required to include?

a)
Continual improvements of the service management system, but NOT the services
b)
Continual improvements of the services, but NOT the service management system
c)
Continual improvements of the services and the service management system
d)
There are NO specific requirements
Which statement describes the scope of ISO/IEC 20000-1?

a)
Provides guarantees that services are delivered to meet business needs
b)
Specifies the requirements for a service provider to manage a service management system
c)
Recommends the best approach for planning and organising service management
d)
Is a quality benchmark to which managed service providers should aspire

10
11
12
Who is required to ensure that reviews of service management are carried out within the
management system of ISO/IEC 20000-1?
a)
The Registered Certification Body
b)
Any process owner
c)
A consultancy organization
d)
Top management
What is the objective of Clause 5, design and transition of new or changed services?
a)
To ensure that new services and changes to services will be deliverable and manageable at the
agreed cost and service quality
b)
To ensure that proposals for new or changed services are fully assessed and authorized
c)
To ensure that new or changed services are fully costed, approved and implemented
d)
To ensure that the service acceptance criteria for new or changed services are fully met
Identify the missing words in the following sentence.

ISO/IEC 20000-1 specifies that every SLA shall include [ ? ], agreed service targets and
exceptions.
a)
customer responsibilities
b)
escalation processes
c)
workload characteristics
d)
critical business periods

13
14
Which set of inputs would be MOST appropriate for determining service continuity and
availability requirements for a particular IT service?
a)
SLAs, incident trend analysis and workload characteristics
b)
Network bandwidth, data centre location and resource availability
c)
Business Plans, SLAs and risk assessments
d)
Agreed service hours, peak volumes and supplier contracts

The information required in a description of each service report includes its [ ? ], purpose,
audience, frequency, and details of the data source(s).
15
a)
author
b)
identity
c)
maximum size
d)
format
What is the objective of service continuity and availability management?

a)
To ensure that service continuity and availability plans are tested in accordance with business
needs
b)
To ensure that potential service continuity and availability issues are predicted and preventive
action taken
c)
To ensure that agreed service continuity and availability commitments to customers can be
met in all circumstances
d)
To ensure that service continuity and availability requirements are fully defined and agreed in
service level agreements

16
17
18
How are security controls to be managed for external organizations which have a need to
access information systems and services?
a)
The controls are documented and agreed with the external organizations
b)
The external organizations are responsible for maintaining the confidentiality of the service
providers information
c)
The lead supplier is responsible for the security aspects of the relationship
d)
The business relationship manager is responsible for the security aspects of the relationship
What level of training does ISO/IEC 20000-1 require for all staff working within the scope of the
service management system?
a)
It is mandatory that all staff have formal training and qualifications
b)
Only the senior staff need to have formal training and qualifications
c)
Sufficient training to enable staff to perform their role competently
d)
There is NO specific requirement
Which would NOT be included in a service providers capacity plan?

a)
Forecasts of demand for services
b)
Costs for service capacity upgrades
c)
Current demand for services
d)
Service level agreements

19
20
21
Which would NOT be included in a service management plan?

a)
Service requirements
b)
Service desk contact details and hours of service
c)
Resources required for service management
d)
Technology used to support the service management system
What is a release policy required to include?

a)
Frequency and type of releases
b)
Service level targets for releases
c)
The changes incorporated in a release
d)
Back-out actions to be taken if a release is unsuccessful
How frequently are meetings between the service provider and customer required to be held in
order to discuss service performance?
a)
Monthly
b)
Annually
c)
At planned intervals
d)
When the customer satisfaction trend becomes negative

22
23
24
Where a lead supplier to a service provider is using a subcontracted supplier, who is

responsible for ensuring that the sub-contracted supplier meets their contractual obligations?
a)
The lead supplier
b)
The sub-contracted supplier
c)
The service providers contract manager
d)
The service providers business relationship manager
What process is responsible for reviewing the effectiveness of new or changed services?
a)
Capacity management
b)
Release and deployment management
c)
Budgeting and accounting for IT services
d)
Change management
Which is a requirement of incident and service request management for a major incident?
a)
A designated individual shall be appointed to be responsible for managing a major incident
b)
Opportunities for improvement shall be identified before the service is restored
c)
The customer shall be responsible for the definition of a major incident
d)
The root cause of a major incident shall be recorded at the time the incident record is created

25
26
27
Which statement is applicable to ISO/IEC 20000-1?

a)
Requires the service provider to implement ITIL
b)
Is independent of specific guidance
c)
Requires the service provider to be a certified user of best practices
d)
Is necessary for all suppliers to be certified to ISO/IEC 20000-1
Which is NOT a specific top management responsibility within ISO/IEC 20000-1?

a)
Establishing the service management objectives
b)
Ensuring that the service management plan is implemented
c)
Providing resources to improve the service management system
d)
Communicating the service management policies to the customers
Which process would control actions identified by problem management to correct errors in
the infrastructure?
a)
Problem management
b)
Incident and service request management
c)
Service continuity and availability management
d)
Change management

10
28
29
30
What is the name of a sub-section included within the service management system general
requirements?
a)
Supplier management
b)
Information security management
c)
Design and transition of new or changed services
d)
Documentation management
Which process includes a requirement related to controls for the disposal of records?
a)
Release and deployment management
b)
Information security management
c)
Documentation management
d)
Change management
What is the requirement within ISO/IEC 20000-1 concerning emergency changes?

a)
Emergency changes shall NOT be installed during normal service hours
b)
A meeting of the Change Advisory Board shall approve emergency changes
c)
Emergency changes shall NOT be tested before being deployed to the live environment
d)
A procedure for managing emergency changes shall be followed

11
31
32
33
Which statement applies when a service provider wishes to demonstrate conformity to the
requirements of ISO/IEC 20000-1?
a)
All of the service management processes must be in place but some of the requirements can
be omitted if they are too expensive to achieve
b)
All service management processes must be implemented and all requirements must be
demonstrated
c)
Some service management processes are more important than others for different types of
service provider, and some requirements can be ignored depending on the type of service
provider
d)
Processes associated with continual improvement are optional but all other service
management processes are mandatory
When an internal group is operating part of the service management processes, which process
is required to manage this group?
a)
Supplier management
b)
Service level management
c)
Service continuity and availability management
d)
Resource management
Identify the missing word in the following sentence.

The two types of documents that need to be produced for an audit are evidence of [ ? ] and
records of achievement.
a)
processes
b)
plans
c)
intent
d)
control

12
34
35
What is the difference between Part 1 and the other parts of the ISO/IEC 20000 series?
a)
The other parts contains mandatory requirements whereas Part 1 provides supporting guidance
b)
The other parts align with ITIL whereas Part 1 is unrelated to ITIL
c)
Part 1 contains mandatory requirements whereas the other parts provide supporting guidance
d)
All parts contain mandatory requirements

The definition of scope that will apply to a service management system shall consider [?] and
shall include a description of the service(s) and the name of the organizational unit providing
the service.
36
a)
names of suppliers
b)
customer and service delivery locations
c)
the service management processes included in the scope
d)
the number of IT resources required
What is the main factor in establishing whether ISO/IEC 20000-1 certification is applicable to
an organization that has outsourced the management of its data centre?
a)
Effective process governance and supplier management controls must be in place
b)
The data centre provider must have already achieved certification
c)
The service desk must remain in-house
d)
The data centre provider must fully test its business continuity processes regularly

13
37
38
39
Which statement is correct?

a)
Only internal auditors can identify observations, and only external auditors can identify nonconformities
b)
An observation is a recommendation for potential improvement and does NOT lead to a failure
to achieve certification
c)
Several observations can accumulate to become a non-conformity
d)
It is mandatory for both observations and non-conformities to be remedied before a certification

can be granted but observations can take longer to correct
How many years is an ISO/IEC 20000-1 certificate valid for in the APMG certification scheme?
a)
One
b)
Two
c)
Three
d)
Five
Which audit, performed by the Registered Certification Body, is required to be carried out at
least annually?
a)
Recertification audit
b)
Gap analysis audit
c)
Surveillance audit
d)
Internal audit

14
40
Which statement describes the responsibilities for conducting the internal, the re-certification
and the surveillance audits?
a)
All are carried out by the Registered Certification Body (RCB)
b)
The RCB is only responsible for conducting the re-certification and surveillance audits, the
service provider carries out the internal audits
c)
The service provider conducts the internal and surveillance audits whilst the RCB carries out
the re-certification audits
d)
The customer conducts the internal audits, the service provider conducts the surveillance
audits and the RCB conducts the re-certification audits

15

ISO-IEC 20000 Foundation Exam Sample Paper - January 2014

Загружено:

Сведения о документе

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

ISO-IEC 20000 Foundation Exam Sample Paper - January 2014

Загружено:

Авторское право:

Доступные форматы

The Foundation Examination

Candidate Number: .....................................

The APM Group Ltd 2014

ISO/IEC 20000 Foundation Examination

Which statement describes ISO/IEC 20000-1?

It provides guidance on how to implement a service management system

It represents an industry consensus on quality procedures for IT service management

It provides guidance on the demonstration of conformity for the service provider

It is a service management system standard.

What is the relationship between ITIL and ISO/IEC 20000?

ITIL is based on ISO/IEC 20000

ITIL is a subset of ISO/IEC 20000 Parts 1 and 2

The APM Group Ltd 2014

ISO/IEC 20000 Foundation Examination

Assesses the IT service provider against Part 1 of the standard

Which is an example of the ISO/IEC 20000-1 definition of a record?

The service continuity plan

The capacity plan

A service level agreement

Which statement describes a service provider in the context of ISO/IEC 20000-1?

The organization which carries out certification audits

The organization receiving the services

The organization giving consultancy advice concerning continual improvement

The organization that manages and delivers services to the customer

The APM Group Ltd 2014

ISO/IEC 20000 Foundation Examination

What is the common name for the methodology known as

The Deming Cycle

The supply chain

The 4 step improvement process

What is a service improvement policy required to include?

Continual improvements of the services and the service management system

There are NO specific requirements

Which statement describes the scope of ISO/IEC 20000-1?

Provides guarantees that services are delivered to meet business needs

Is a quality benchmark to which managed service providers should aspire

The APM Group Ltd 2014

ISO/IEC 20000 Foundation Examination

The Registered Certification Body

Any process owner

Identify the missing words in the following sentence.

critical business periods

The APM Group Ltd 2014

ISO/IEC 20000 Foundation Examination

SLAs, incident trend analysis and workload characteristics

Network bandwidth, data centre location and resource availability

Business Plans, SLAs and risk assessments

Agreed service hours, peak volumes and supplier contracts

Identify the missing words in the following sentence.

What is the objective of service continuity and availability management?

The APM Group Ltd 2014

ISO/IEC 20000 Foundation Examination

It is mandatory that all staff have formal training and qualifications

Sufficient training to enable staff to perform their role competently

There is NO specific requirement

Which would NOT be included in a service providers capacity plan?

Forecasts of demand for services

Costs for service capacity upgrades

Current demand for services

Service level agreements

The APM Group Ltd 2014

ISO/IEC 20000 Foundation Examination

Which would NOT be included in a service management plan?

Service desk contact details and hours of service