Exin CDFOM Exam Questions

A common operational problem occurs when incidents are initially responded to but then lose attention.

EPI identifies incomplete shift handover as a major root cause because:

Incident ownership is not transferred correctly

Pending actions are not communicated

Operators on the next shift are unaware of unresolved incidents

Follow-up obligations are lost

This leads to customers receiving initial responses but no closure or updates.

Why other options are incorrect:

A: Even without auto-emails, incidents would still be followed up internally.

B: Skill level issues affect resolution quality, not disappearance of tickets.

D: Lack of contingency causes delays, not loss of tracking.

Thus, C is correct.

EPI DCFOM-Aligned Reference Concepts (Paraphrased)

Proper shift handover is essential to maintain service continuity.

Incomplete handover leads to dropped incidents and SLA failures.

In organizational resilience and business continuity planning, the Recovery Time Objective (RTO) is a core metric used to determine the acceptable downtime for each business function.

EPI defines RTO as the:

''Targeted duration within which disrupted services or processes must be restored to a minimum acceptable operational level after a disaster.''

Key points:

Timeframe for Recovery

The RTO identifies how quickly a facility, system, or service must be restored before the outage causes unacceptable consequences.

Minimum Service Capacity

The RTO refers to restoring operations at a minimum acceptable level, not full normal operations.

Business Impact Analysis (BIA) Output

RTO is derived during BIA where criticality and dependencies of business processes are assessed and prioritized.

Prioritization of Resources

RTO informs disaster recovery planning, resource allocation, and restoration sequencing.

Therefore, the correct definition matches:

D --- ''The prioritized timeframes for resuming disrupted activities at a specified minimum acceptable capacity.''

Why the other options are incorrect:

A describes the MTPD (Maximum Tolerable Period of Disruption).

B describes elements of the Minimum Business Continuity Objective (MBCO).

C describes the Recovery Point Objective (RPO).

EPI DCFOM-Aligned Reference Concepts (Paraphrased, Not Verbatim)

RTO defines the permitted downtime for a service.

RTO is linked to minimum acceptable capability after recovery.

RTO is determined through BIA.

EPI distinguishes between:

Service Portfolio internal document used for service design, planning, assessment

Service Catalog customer-facing document listing available services

The service catalog provides customers with:

Service descriptions

Service options

Ordering information

Terms and conditions

SLA details

Pricing models (where applicable)

It is specifically designed to allow customers to select and order services.

Why other options are incorrect:

A: Service portfolio is internal only.

B: BCP is unrelated to service ordering.

C: Needs analysis is internal planning documentation.

Thus, D is correct.

EPI DCFOM-Aligned Reference Concepts (Paraphrased)

The service catalog contains all customer-orderable services.

It is the primary communication tool for customer consumption.

In organizational resilience and business continuity planning, the Recovery Time Objective (RTO) is a core metric used to determine the acceptable downtime for each business function.

EPI defines RTO as the:

''Targeted duration within which disrupted services or processes must be restored to a minimum acceptable operational level after a disaster.''

Key points:

Timeframe for Recovery

The RTO identifies how quickly a facility, system, or service must be restored before the outage causes unacceptable consequences.

Minimum Service Capacity

The RTO refers to restoring operations at a minimum acceptable level, not full normal operations.

Business Impact Analysis (BIA) Output

RTO is derived during BIA where criticality and dependencies of business processes are assessed and prioritized.

Prioritization of Resources

RTO informs disaster recovery planning, resource allocation, and restoration sequencing.

Therefore, the correct definition matches:

D --- ''The prioritized timeframes for resuming disrupted activities at a specified minimum acceptable capacity.''

Why the other options are incorrect:

A describes the MTPD (Maximum Tolerable Period of Disruption).

B describes elements of the Minimum Business Continuity Objective (MBCO).

C describes the Recovery Point Objective (RPO).

EPI DCFOM-Aligned Reference Concepts (Paraphrased, Not Verbatim)

RTO defines the permitted downtime for a service.

RTO is linked to minimum acceptable capability after recovery.

RTO is determined through BIA.

EPI's governance and risk management principles clearly state:

When a data center outsources maintenance, operational work can be outsourced, but risk cannot be transferred.

Risk may be shared, mitigated, or reduced through contractual arrangements, but ownership remains with the data center service provider.

The data center operator is still responsible for ensuring compliance, operational continuity, and safety---even if another party performs the maintenance tasks.

Therefore:

The service provider must remain involved in risk evaluation, risk treatment, and ongoing monitoring.

Oversight responsibilities cannot be delegated.

Options C and D are incorrect because outsourcing the activity does not outsource risk accountability.

Option B is irrelevant because risk responsibility does not depend on provider expertise.

Thus, A is correct.

EPI DCFOM-Aligned Reference Concepts (Paraphrased)

Risk ownership remains with the organization even when maintenance is outsourced.

Outsourcing shares risk but does not transfer it.

The data center must maintain involvement in the risk management process.