3.5 Practice Drills and Readiness Markers

Key Takeaways

  • Readiness means you can recite the rule, apply it to a scenario, and explain why each distractor fails.
  • Drill the five COBIT 2019 domains by their initials and whether each is governance (EDM) or management (APO/BAI/DSS/MEA).
  • Mix vocabulary, ordering, and scenario judgment so committees, the policy hierarchy, SoD, and BCP metrics stay distinct under time pressure.
  • Trace repeated misses to a specific cue you overlooked (level, role, timing) rather than treating them as random.
  • A domain is ready when mixed-question accuracy stays stable after a one-day break.
Last updated: June 2026

What 'Ready' Looks Like

Readiness in Domain 2 is more than recognizing terms. For each concept you should be able to (1) state the rule, (2) apply it to a new scenario, and (3) explain why the distractors fail. If you can only do the first, you will lose the two-plausible-answer items that dominate this domain.

Build short, mixed drills rather than long single-topic sets. Mixing forces you to first classify the question — is this about a committee, a policy level, segregation of duties, risk treatment, or continuity? — which mirrors how the real exam scatters Domain 2 items among other domains without labeling them.

Alternate between two drill modes. In recall mode, you supply the definition or rule cold (no options) to confirm the knowledge is genuinely yours. In application mode, you face full scenario items and must choose under realistic wording and time pressure. Many candidates pass recall mode but fail application mode because they recognize terms without applying them — so weight your practice toward application as exam day nears, and treat any gap between the two modes as the signal that you have memorized rather than internalized the material.

Rapid-Fire Self-Check

Run these from memory before exam day:

  • Governance vs. management: Governance = board, EDM, set direction and evaluate. Management = executives, APO/BAI/DSS/MEA, execute.
  • Committees: Strategy = board-level, advisory. Steering = operational, approves priorities/budgets.
  • Policy hierarchy: Policy → Standard → Procedure → Guideline (only the guideline is non-mandatory).
  • Risk treatment: Avoid, Mitigate, Transfer, Accept; residual risk is formally accepted by an authorized owner within appetite.
  • Segregation of duties: Authorization, Custody, Recording, Reconciliation; use compensating controls when full SoD is impractical.
  • Continuity metrics: RTO (downtime), RPO (data loss), MTD = RTO + work recovery time, all driven by the BIA.
  • Monitoring: KPIs (performance), KRIs (risk), IT balanced scorecard across financial, customer, operational, and innovation perspectives.

If any line above stalls, that is your next study target.

Diagnosing Misses and Spacing Review

When you miss a Domain 2 item, do not just note the right letter. Identify the specific cue you overlooked: Was it the level (board vs. operational)? The role (auditor vs. management)? The timing (before vs. after a decision)? The governing rule (independence, alignment, segregation)? Logging misses this way turns 'I keep getting governance wrong' into a precise, fixable pattern.

Miss pattern | Likely overlooked cue | Fix
Picked the board for an operational task | Level | Re-drill strategy vs. steering committee
Let the auditor implement a control | Role/independence | Re-drill the auditor-as-assessor rule
Chose an untested continuity plan | Outcome vs. document | Re-drill BIA → RTO/RPO → testing
Fell for a buzzword option | Content vs. familiarity | Re-read the option against the stem

Space your review: study, sleep, and re-test. A domain is not ready until mixed-question accuracy holds steady after a one-day break — stability after rest, not a single good session, is the true readiness marker.

Targeted Drill Set

Work these drills until each is automatic:

  • Classify-the-body drill: Given a task (advise the board, approve a budget, assess controls, classify data), name the responsible body or role in under five seconds. Mix in strategy committee, steering committee, board, CIO, data owner, custodian, and auditor.
  • Document-level drill: Read a requirement and label it policy, standard, procedure, or guideline; then state whether it is mandatory.
  • Risk-treatment drill: For each scenario, choose avoid, mitigate, transfer, or accept, and identify who must approve any residual-risk acceptance.
  • SoD drill: Spot which two incompatible functions one person holds, then name a compensating control.
  • Continuity-metric drill: Convert a business need into RTO, RPO, or MTD, and confirm the BIA drives it.
  • Monitoring drill: Decide whether a metric is a KPI or a KRI and which level (governance or management) should receive it.

Drilling the classification step matters most, because the exam rarely tells you which concept it is testing. Time-box each drill: if you cannot classify a stem within a few seconds, that hesitation marks a concept to relearn, not a question to guess on. Keep a running tally of which drill type produces the most hesitation and steer your next session there.

Building Exam-Day Stamina

Domain 2 questions are wordy, so practice time discipline alongside accuracy. Aim to read the stem once, identify the role/level/cue, eliminate two distractors, and choose — then move on. Flag and return rather than stalling on a single hard governance item; the alignment-and-accountability logic you have drilled usually surfaces on a second read.

Finally, calibrate against full, mixed practice exams rather than topic quizzes only. Track not just your score but why each Domain 2 miss happened, using the cue categories above. When your error log stops adding new cue categories and your accuracy is stable across two sittings separated by a rest day, this domain is ready and you can shift study time to weaker areas. That disciplined, evidence-based review — not raw repetition — is what converts familiarity with governance vocabulary into reliable test-day judgment.

Test Your Knowledge

You repeatedly choose the IT strategy committee when the correct answer is the IT steering committee. Which overlooked cue is MOST likely causing the miss?

Test Your Knowledge

In a rapid self-check, which statement about COBIT 2019 domains is CORRECT?

Test Your Knowledge

Which marker BEST indicates that you are genuinely ready on the Governance and Management of IT domain?
