ITIL® 4 Foundation

Sample
Paper 1
Question Booklet | Multiple Choice

Examination | 1 Hour

Official Training Materials

1. Which practice is responsible for moving components to live environments?
A. Change enablement
B. Release management
C. IT asset management
D. Deployment management

2. Which practice includes the classification and ownership of queries and requests from users?
A. Service desk
B. Incident management
C. Change enablement
D. Service level management

3. Which practice identifies metrics that reflect the customer’s experience of a service?
A. Continual improvement
B. Service desk
C. Service level management
D. Problem management

4. What is the PRIMARY use of a change schedule?

A. To support 'incident management' and improvement planning
B. To manage emergency changes
C. To plan changes and help avoid conflicts
D. To manage standard changes

5. Which service management dimension is focused on activities and how these are
coordinated?
A. Organizations and people
B. Information and technology
C. Partners and suppliers
D. Value streams and processes

6. How does categorization of incidents assist the ‘incident management’ practice?

A. It helps direct the incident to the correct support area
B. It determines the priority assigned to the incident
C. It ensures that incidents are resolved in timescales agreed with the customer
D. It determines how the service provider is perceived

7. Identify the missing word(s) in the following sentence.

A service is a means of enabling value co-creation by facilitating [?] that customers want to
achieve.
A. the warranty
B. outcomes
C. the utility
D. outputs

ITIL® 4 Foundation Sample Paper 1 | Copyright© PeopleCert International Ltd. 3

 8. Which is a recommendation of the ‘continual improvement’ practice? 15. Identify the missing word in the following sentence.
A. There should at least be a small team dedicated to leading ‘continual improvement’ The purpose of the ‘information security management’ practice is to [?] the organization’s
efforts information.
B. All improvements should be managed as multi-phase projects
A. store
C. ‘Continual improvement' should be isolated from other practices
B. provide
D. External suppliers should be excluded from improvement initiatives
C. audit
D. protect
9. Which is a potential benefit of using an IT service management tool to support the 'incident
management' practice?
16. Which guiding principle recommends collecting data before deciding what can be re-used?
A. It may ensure that the cause of incidents is identified within agreed times
A. Focus on value
B. It may provide automated matching of incidents to problems or known errors
B. Start where you are
C. It may ensure that supplier contracts are aligned with the needs of the service provider
C. Keep it simple and practical
D. It may provide automated resolution and closure of complex incidents
D. Progress iteratively with feedback

10. Which role submits service requests?

17. Which is NOT usually included as part of incident management?
A. The user, or their authorized representative
A. Scripts for collecting initial information about incidents
B. The customer, or their authorized representative
B. Formalized procedures for logging incidents
C. The sponsor, or their authorized representative
C. Detailed procedures for the diagnosis of incidents
D. The supplier, or their authorized representative
D. The use of specialized knowledge for complicated incidents

11. Which practice provides a single point of contact for users?

18. Which describes the nature of the guiding principles?
A. Incident management
A. Guiding principles can guide an organization in all circumstances
B. Change enablement
B. Each guiding principle mandates specific actions and decisions
C. Service desk
C. An organization will select and adopt only one of the seven guiding principles
D. Service request management
D. Guiding principles describe the processes that all organizations must adopt

12. Which guiding principle recommends that the four dimensions of service management are
19. Which statement about a change authority is CORRECT?
considered?
A. A single change authority should be assigned to authorize all types of change and change
A. Think and work holistically
models
B. Progress iteratively with feedback
B. A change authority should be assigned for each type of change and change model
C. Focus on value
C. Normal changes are pre-authorized and do not need a change authority
D. Keep it simple and practical
D. Emergency changes can be implemented without authorization from a change authority

13. Which would be supported by the ‘service request management’ practice?

20. Which practice has the purpose of making new and changed services and features available
A. A request to authorize a change that could have an effect on a service for use?
B. A request from a user for something which is a normal part of service delivery
A. Change enablement
C. A request to restore service after a service interruption
B. Service request management
D. A request to investigate the cause of multiple related incidents
C. Release management
D. Deployment management
14. Which practice is the responsibility of everyone in the organization?
A. Service level management 21. Which value chain activity ensures people understand the organization’s vision?
B. Change enablement
A. Improve
C. Problem management
B. Plan
D. Continual improvement
C. Deliver and support
D. Obtain/build

4 ITIL® 4 Foundation Sample Paper 1 | Copyright© PeopleCert International Ltd. ITIL® 4 Foundation Sample Paper 1 | Copyright© PeopleCert International Ltd. 5
 22. Which statement about the value chain activities is CORRECT? 29. Which guiding principle recommends organizing work into smaller, manageable sections
that can be executed and completed in a timely manner?
A. Every practice belongs to a specific value chain activity
B. A specific combination of value chain activities and practices forms a service relationship A. Focus on value
C. Service value chain activities form a single workflow that enables value creation B. Start where you are
D. Each value chain activity contributes to the value chain by transforming specific inputs C. Progress iteratively with feedback
into outputs D. Collaborate and promote visibility

23. What is the purpose of the ‘supplier management’ practice? 30. What is a standard change?
A. To ensure that the organization‘s suppliers and their performance are managed A. A change that is well understood, fully documented and pre-authorized
appropriately to support the seamless provision of quality products and services B. A change that needs to be assessed, authorized, and scheduled by a change authority
B. To align the organization's practices and services with changing business needs through C. A change that doesn’t need a risk assessment because it is required to resolve an incident
the ongoing identification and improvement of services D. A change that is assessed, authorized, and scheduled as part of ‘continual improvement’
C. To ensure that the organization’s suppliers and their performance are managed
appropriately at strategic and tactical levels through coordinated marketing, selling, and
delivery activities 31. What happens if a workaround becomes the permanent way of dealing with a problem that
D. To ensure that accurate and reliable information about the configuration of suppliers' cannot be resolved cost-effectively?
services is available when and where it is needed A. A change request is submitted to change enablement
B. Problem management restores the service as soon as possible
24. What are the two types of cost that a service consumer should evaluate? C. The problem remains in the known error status
A. The price of the service, and the cost of creating the service D. The problem record is deleted
B. The costs removed by the service, and the costs imposed by the service
C. The cost of provisioning the service, and the cost of improving the service 32. What is the definition of change?
D. The cost of software, and the cost of hardware A. To add, modify or remove anything that could have a direct or indirect effect on services
B. To ensure that accurate and reliable information about the configuration of services is
25. Which is a purpose of the ‘service desk’ practice? available
A. To reduce the likelihood and impact of incidents by identifying actual and potential C. To make new and changed services and features available for use
causes of incidents D. To move new or changed hardware, software, or any other component to live
B. To maximize the number of successful IT changes by ensuring risks are properly assessed environments
C. To capture demand for incident resolution and service requests
D. To set clear business-based targets for service performance 33. What is the definition of an event?
A. Any change of state that has significance for the management of a service or other
26. How should an organization adopt continual improvement methods? configuration item
A. Use a new method for each improvement the organization handles B. Any component that needs to be managed in order to deliver an IT service
B. Select a few key methods for the types of improvement that the organization handles C. An unplanned interruption to a service or reduction in the quality of a service
C. Build the capability to use as many improvement methods as possible D. Any financially valuable component that can contribute to the delivery of an IT product or
D. Select a single method for all improvements that the organization handles service

27. Which ITIL concept describes governance? 34. Which describes outcomes?

A. The seven guiding principles A. Tangible or intangible deliverables

B. The four dimensions of service management B. Functionality offered by a product or service
C. The service value chain C. Results desired by a stakeholder
D. The service value system D. Configuration of an organization’s resources

28. Which is a recommendation of the ‘service desk’ practice? 35. Which is NOT a key focus of the ‘information and technology’ dimension?

A. Service desks should avoid the use of automation A. Security and compliance
B. Service desks should be highly technical B. Communication systems and knowledge bases
C. Service desks should understand the wider organization C. Workflow management and inventory systems
D. Service desks should be a physical team in a single fixed location D. Roles and responsibilities

6 ITIL® 4 Foundation Sample Paper 1 | Copyright© PeopleCert International Ltd. ITIL® 4 Foundation Sample Paper 1 | Copyright© PeopleCert International Ltd. 7
 36. Which practices are typically involved in the implementation of a problem resolution?
Notes
1. Continual improvement
2. Service request management
3. Service level management
4. Change enablement

A. 1 and 2
B. 2 and 3
C. 3 and 4
D. 1 and 4

37. Which is a key consideration for the guiding principle ‘keep it simple and practical’?
A. Try to create a solution for every exception
B. Understand how each element contributes to value creation
C. Ignore the conflicting objectives of different stakeholders
D. Start with a complex solution, then simplify

38. What should be done first when applying the ‘focus on value’ guiding principle?
A. Identify the outcomes that the service facilitates
B. Identify all suppliers and partners involved in the service
C. Determine who the service consumer is in each situation
D. Determine the cost of providing the service

39. A service provider describes a package that includes a laptop with software, licenses, and
support. What is this package an example of?
A. Value
B. An outcome
C. Warranty
D. A service offering

40. What is the definition of warranty?

A. A tangible or intangible deliverable that is produced by carrying out an activity
B. The assurance that a product or service will meet agreed requirements
C. A possible event that could cause harm or loss, or make it more difficult to achieve
objectives
D. The functionality offered by a product or service to meet a particular need

8 ITIL® 4 Foundation Sample Paper 1 | Copyright© PeopleCert International Ltd. ITIL® 4 Foundation Sample Paper 1 | Copyright© PeopleCert International Ltd. 9
 Notes Notes

10 ITIL® 4 Foundation Sample Paper 1 | Copyright© PeopleCert International Ltd. ITIL® 4 Foundation Sample Paper 1 | Copyright© PeopleCert International Ltd. 11
ITIL® 4 Foundation

Sample
Paper 1
Answers and Rationales

Official Training Materials

Sample Paper 1: Answers and Rationales
Q A Syllabus Ref Rationale
1 D 6.1.h A. Incorrect. “The purpose of the change enablement practice
is to maximize the number of successful service and product
changes by ensuring that risks have been properly assessed,
authorizing changes to proceed, and managing the change
schedule”. Ref 5.2.4
B. Incorrect. “The purpose of the release management practice
is to make new and changed services and features available for
use.” Ref 5.2.9
C. Incorrect. “The purpose of the IT asset management practice
is to plan and manage the full lifecycle of all IT assets”. Ref 5.2.6
D. Correct. “The purpose of the deployment management
practice is to move new or changed hardware, software,
documentation, processes, or any other component to live
environments.” Ref 5.3.1
2 A 7.1.f A. Correct. “Service desks provide a clear path for users to
report issues, queries, and requests, and have them
acknowledged, classified, owned, and actioned”. Ref 5.2.14
B. Incorrect. The ‘incident management’ practice deals only
with incidents, not queries and requests. “The purpose of the
incident management practice is to minimize the negative
impact of incidents by restoring normal service operation as
quickly as possible”. Ref 5.2.5
C. Incorrect. The ‘change enablement’ practice deals only with
change requests, not other queries and requests. “The purpose
of the change enablement practice is to maximize the number
of successful service and product changes by ensuring that
risks have been properly assessed, authorizing changes to
proceed, and managing the change schedule”. Ref 5.2.4
D. Incorrect. The ‘service level management’ practice ensures
service targets are met. It does not manage queries and
requests from users. “The purpose of the service level
management practice is to set clear business-based targets for
service performance, so that the delivery of a service can be
properly assessed, monitored, and managed against these
targets”. Ref 5.2.15

ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. 3
 Q A Syllabus Ref Rationale Q A Syllabus Ref Rationale
3 C 7.1.g A. Incorrect. "The purpose of the continual improvement 5 D 3.1.d A. Incorrect. The ‘organizations and people’ dimension
practice is to align the organization’s practices and services describes “roles and responsibilities, formal organizational
with changing business needs through the ongoing structures, culture, and required staffing and competencies.”
improvement of products, services, and practices, or any Ref 3.1
element involved in the management of products and B. Incorrect. The ‘information and technology’ dimension
services." Ref 5.1.2 includes “the information and knowledge necessary for the
B. Incorrect. "The purpose of the service desk practice is to management of services, as well as the technologies required”
capture demand for incident resolution and service requests. It and “the information created, managed, and used in the course
should also be the entry point and single point of contact for of service provision and consumption, and the technologies
the service provider with all of its users." Ref 5.2.14 that support and enable that service.” Ref 3.2
C. Correct. "Service level management identifies metrics C. Incorrect. “The partners and suppliers dimension
and measures that are a truthful reflection of the encompasses an organization’s relationships with other
customer’s actual experience and level of satisfaction with organizations that are involved in the design, development,
the whole service," and "Engagement is needed to deployment, delivery, support and/or continual improvement
understand and confirm the actual ongoing needs and of services. It also incorporates contracts and other
requirements of customers, not simply what is interpreted agreements between the organization and its partners or
by the service provider or has been agreed several years suppliers”. Ref 3.3
before." Ref 5.2.15.1 D. Correct. The ‘value streams and processes’ dimension
D. Incorrect. "The purpose of the problem management “focuses on what activities the organization undertakes
practice is to reduce the likelihood and impact of incidents by and how they are organized, as well as how the
identifying actual and potential causes of incidents, and organization ensures that it is enabling value creation for
managing workarounds and known errors". Ref 5.2.8 all stakeholders efficiently and effectively.” Ref 3.4
4 C 7.1.b A. Incorrect. While it can be used after deploying a change, this 6 A 7.1.c A. Correct. “More complex incidents will usually be
is not the main use of the change schedule. "The change escalated to a support team for resolution. Typically, the
schedule is used to help plan changes, assist in routing is based on the incident category, which should
communication, avoid conflicts, and assign resources. It can help to identify the correct team.” Ref 5.2.5
also be used after changes have been deployed to provide B. Incorrect. The category is concerned with the type of
information needed for incident management, problem incident whereas priority is determined by business impact.
management, and improvement planning." Ref 5.2.4 “Incidents are prioritized based on agreed classification to
B. Incorrect. "Emergency changes: These are changes that must ensure that incidents with the highest business impact are
be implemented as soon as possible; for example, to resolve resolved first.” Ref 5.2.5
an incident or implement a security patch. Emergency changes C. Incorrect. “Every incident should be logged and managed to
are not typically included in a change schedule, and the ensure that it is resolved in a time that meets the expectations
process for assessment and authorization is expedited to of the customer and user.” Categorization by itself will not
ensure they can be implemented quickly." Ref 5.2.4 ensure this. Ref 5.2.5
C. Correct. "The change schedule is used to help plan D. Incorrect. Customer and user satisfaction determines how
changes, assist in communication, avoid conflicts, and the service provider is perceived. “Incident management can
assign resources." Ref 5.2.4 have an enormous impact on customer and user satisfaction,
D. Incorrect. Standard changes are already pre-authorized and and on how customers and users perceive the service
do not need to be included on a change schedule. "These are provider.” Ref 5.2.5
low-risk, pre-authorized changes that are well understood and
fully documented, and can be implemented without needing
additional authorization." Ref 5.2.4

4 ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. 5
 Q A Syllabus Ref Rationale Q A Syllabus Ref Rationale
7 B 1.1.a A. Incorrect. Warranty is “assurance that a product or service 10 A 7.1.e A. Correct. “The purpose of the service request
will meet agreed requirements.” Warranty of a service is management practice is to support the agreed quality of a
necessary, but not sufficient to enable value co-creation. Ref service by handling all pre-defined, user-initiated service
2.5.4 requests...” and a service request is defined as “a request
B. Correct. A service is “a means of enabling value co- from a user or a user’s authorized representative that
creation by facilitating outcomes that customers want to initiates a service action”. Ref 5.2.16
achieve, without the customer having to manage specific B. Incorrect. A customer is “the role that defines the
costs and risks”. Ref 2.3.1 requirements for a service and takes responsibility for the
C. Incorrect. Utility is “the functionality offered by a product or outcomes of service consumption”. A customer could also be a
service”. Utility of a service is necessary, but not sufficient to user, and in that role they may submit a service request. Ref
enable value co-creation. Ref 2.5.4 2.2.2
D. Incorrect. An output is “a tangible or intangible deliverable C. Incorrect. A sponsor is “the role that authorizes budget for
of an activity.” The output of a service is necessary, but not service consumption.” A sponsor could also be a user, and in
sufficient to enable value co-creation. Ref 2.5.1 that role they may submit a service request. Ref 2.2.2
8 A 7.1.a A. Correct. “Although everyone should contribute in some D. Incorrect. “The partners and suppliers dimension
way, there should at least be a small team dedicated full- encompasses an organization’s relationships with other
time to leading continual improvement efforts and organizations that are involved in the design, development,
advocating the practice across the organization.” Ref 5.1.2 deployment, delivery, support, and/or continual improvement
B. Incorrect. “Different types of improvements may call for of services.”. This does not include consumption of services,
different improvement methods. For example, some and “The purpose of the service request management practice
improvements may be best organized into a multi-phase is to support the agreed quality of a service by handling all pre-
project, while others may be more appropriate as a single defined, user-initiated service requests.” Ref 3.3, 5.2.16
quick effort.” Ref 5.1.2 11 C 7.1.f A. Incorrect. “The purpose of the incident management
C. Incorrect. “The continual improvement practice is integral to practice is to minimize the negative impact of incidents by
the development and maintenance of every other practice.” Ref restoring normal service operation as quickly as possible.” The
5.1.2 ‘incident management’ practice does not provide a single point
D. Incorrect. “When third-party suppliers form part of the of contact for service users. Ref 5.2.5
service landscape, they should also be part of the B. Incorrect. “The purpose of the change enablement practice
improvement effort.” Ref 5.1.2 is to maximize the number of successful service and product
9 B 7.1.c A. Incorrect. “Target resolution times are agreed, documented, changes by ensuring that risks have been properly assessed,
and communicated to ensure that expectations are realistic.” A authorizing changes to proceed, and managing the change
good IT service management tool may help the organization to schedule.” The ‘change enablement’ practice does not provide
meet these times, but the tool cannot ensure that this a single point of contact for service users. Ref 5.2.4
happens. Furthermore, identifying the causes of incidents is C. Correct. “The purpose of the service desk practice is to
a 'problem management' activity Ref 5.2.5 capture demand for incident resolution and service
B. Correct. “Modern IT service management tools can requests. It should also be the entry point and single point
provide automated matching of incidents to other of contact for the service provider with all of its users.” Ref
incidents, problems or known errors”. Ref 5.2.5 5.2.14
C. Incorrect. ‘Incident management’ requires supplier contracts D. Incorrect. “The purpose of the service request management
to be correctly aligned, but ensuring that the contracts are practice is to support the agreed quality of a service by
aligned is a purpose of the ‘supplier management’ practice. Ref handling all pre-defined, user-initiated service requests in an
5.1.13 effective and user-friendly manner.” The ‘service request
D. Incorrect. “The most complex incidents, and all major management’ practice does not provide a single point of
incidents, often require a temporary team to work together to contact for service users. Ref 5.2.16
identify the resolution”. “Investigation of more complicated
incidents often requires knowledge and expertise, rather than
procedural steps.” Ref 5.2.5

6 ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. 7
 Q A Syllabus Ref Rationale Q A Syllabus Ref Rationale
12 A 2.2.e A. Correct. The ‘think and work holistically’ guiding 14 D 7.1.a A. Incorrect. The ‘service level management’ practice is not the
principle advises that all aspects of an organization are responsibility of everyone in the organization. A number of
considered when providing value in the form of services. roles are required but there is no fixed structure. It is
This includes all four dimensions of service management recommended that there is an independent and non-aligned
(organizations and people; information and technology; role where possible. Ref 5.2.15
partners and suppliers; value streams and processes). B. Incorrect. The ‘change enablement’ practice is not the
“Services are delivered to internal and external service responsibility of everyone in the organization. Many roles can
consumers through the coordination and integration of be assigned to change enablement such as change authority. It
the four dimensions of service management.” Ref 4.3.5 also requires input from people with specialist knowledge. Ref
B. Incorrect. The ‘progress iteratively with feedback’ guiding 5.2.4
principle is concerned with breaking initiatives into C. Incorrect. The ‘problem management’ practice is not the
manageable sections that can be executed more easily. It is not responsibility of everyone in the organization. Most problem
primarily concerned with addressing the four dimensions of management activity relies on the knowledge and experience
service management. Ref 4.3.3 of staff. Ref 5.2.8
C. Incorrect. The ‘focus on value’ guiding principle ensures that D. Correct. “continual improvement is everyone’s
everything that the organization does links back to providing responsibility” and “The commitment to and practice of
value to service consumers. It is not primarily concerned with continual improvement must be embedded into every
addressing the four dimensions of service management. Ref fibre of the organization”. Ref 5.1.2
4.3.1
D. Incorrect. The ‘keep it simple and practical’ guiding principle
focuses on keeping things simple by reducing complexity and
eliminating unnecessary activities and steps. It is not primarily
concerned with addressing the four dimensions of service
management. Ref 4.3.6
13 B 7.1.e A. Incorrect. This would be supported by the ‘change
enablement’ practice. A change is “the addition, modification,
or removal of anything that could have a direct or indirect
effect on services.” Normal changes “need to be scheduled,
assessed, and authorized”. Ref 5.2.4
B. Correct. A service request is “a request from a user or a
user’s authorized representative that initiates a service
action which has been agreed as a normal part of service
delivery.” Ref 5.2.16
C. Incorrect. This would be supported by the ‘incident
management’ practice. An incident is “an unplanned
interruption to a service or reduction in the quality of a
service.” Ref 5.2.5
D. Incorrect. This would be supported by the ‘problem
management’ practice. A problem is “a cause, or potential
cause, of one or more incidents”. Ref 5.2.8

8 ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. 9
 Q A Syllabus Ref Rationale Q A Syllabus Ref Rationale
15 D 6.1.a A. Incorrect. “The purpose of the information security 16 B 2.2.b A. Incorrect. The 'focus on value' guiding principle states that
management practice is to protect the information needed by "All activities conducted by the organization should link back,
the organization to conduct its business. This includes directly or indirectly, to value for itself, its customers, and other
understanding and managing risks to the confidentiality, stakeholders." Ref 4.3.1
integrity, and availability of information, as well as other B. Correct. The 'start where you are' guiding principle
aspects of information security such as authentication recommends that "Services and methods already in place
(ensuring someone is who they claim to be) and non- should be measured and/or observed directly to properly
repudiation (ensuring that someone can’t deny that they took understand their current state and what can be reused
an action).” Ref 5.1.3 from them... Getting data from the source helps to avoid
B. Incorrect. “The purpose of the information security assumptions which, if proven to be unfounded, can be
management practice is to protect the information needed by disastrous to timelines, budgets and the quality of
the organization to conduct its business. This includes results." Ref 4.3.2
understanding and managing risks to the confidentiality, C. Incorrect. The 'keep it simple and practical' guiding
integrity and availability of information, as well as other principle states that an organization should "Always use the
aspects of information security such as authentication minimum number of steps needed to accomplish an
(ensuring someone is who they claim to be) and non- objective." Ref 4.3.6
repudiation (ensuring that someone can’t deny that they took D. Incorrect. The 'progress iteratively with feedback principle
an action).” Ref 5.1.3 states that "By organizing work into smaller, manageable
C. Incorrect. “The purpose of the information security sections that can be executed and completed in a timely
management practice is to protect the information needed by manner, the focus on each effort will be sharper and easier to
the organization to conduct its business. This includes maintain." Ref 4.3.3
understanding and managing risks to the confidentiality, 17 C 7.1.c A. Incorrect. “There may be scripts for collecting information
integrity and availability of information, as well as other from users during initial contact”. Ref 5.2.5
aspects of information security such as authentication B. Incorrect. “There should be a formal process for logging and
(ensuring someone is who they claim to be) and non- managing incidents.” Ref 5.2.5
repudiation (ensuring that someone can’t deny that they took C. Correct. “This process does NOT usually include detailed
an action).” Ref 5.1.3 procedures for how to diagnose, investigate, and resolve
D. Correct. “The purpose of the information security incidents.” Ref 5.2.5
management practice is to protect the information needed D. Incorrect. “Investigation of more complicated incidents often
by the organization to conduct its business. This includes requires knowledge and expertise, rather than procedural
understanding and managing risks to the confidentiality, steps.” Ref 5.2.5
integrity and availability of information, as well as other 18 A 2.1 A. Correct. A guiding principle is defined as a
aspects of information security such as authentication recommendation that can guide an organization in all
(ensuring someone is who they claim to be) and non- circumstances and will guide organizations when adopting
repudiation (ensuring that someone can’t deny that they service management. They are not described as
took an action).” Ref 5.1.3 prescriptive or mandatory. Ref 4.3
B. Incorrect. The guiding principles will be reviewed and
adopted by organizations. The guiding principles guide
organizations to make decisions and adopt actions. They do
not mandate specific actions and decisions. Ref 4.3.8
C. Incorrect. Organizations will use the principles relevant to
them and are not mandated to use a given number. Ref 4.3
D. Incorrect. The guiding principles guide organizations to
make decisions and adopt actions. They are not mandatory.
Ref 4.3

10 ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. 11
 Q A Syllabus Ref Rationale Q A Syllabus Ref Rationale
19 B 7.1.b A. Incorrect. “It is essential that the correct change authority is 21 B 5.2.a A. Incorrect. The purpose of the ‘improve’ value chain activity is
assigned to each type of change to ensure that change “to ensure continual improvement of products, services, and
enablement is both efficient and effective.” For normal practices across all value chain activities and the four
changes, “change models based on the type of change dimensions of service management.” Ref 4.5.2
determine the roles for assessment and authorization”. A B. Correct. The purpose of the ‘plan’ value chain activity is
single change authority is inadequate. Ref 5.2.4 “to ensure a shared understanding of the vision, current
B. Correct. “It is essential that the correct change authority status, and improvement direction for all four dimensions
is assigned to each type of change to ensure that change and all products and services across the organization.” Ref
enablement is both efficient and effective.” For normal 4.5.1
changes, “change models based on the type of change C. Incorrect. The purpose of the ‘deliver and support’ value
determine the roles for assessment and authorization”. chain activity is “to ensure that services are delivered and
Ref 5.2.4 supported according to agreed specifications and stakeholders’
C. Incorrect. Normal changes are “changes that need to be expectations.” Ref 4.5.6
scheduled, assessed, and authorized following a process.” D. Incorrect. The purpose of the ‘obtain/build’ value chain
Thus, all normal changes will be authorized by a change activity is “to ensure that service components are available
authority. Standard changes can be pre-authorized: “These are when and where they are needed, and meet agreed
low-risk, pre-authorized changes that are well understood and specifications.” Ref 4.5.5
fully documented, and can be implemented without needing 22 D 5.1 A. Incorrect. “Value chain activities use different combinations
additional authorization”. Ref 5.2.4 of ITIL practices”. No practice belongs to a single value chain
D. Incorrect. “Emergency changes are not typically included in a activity. Ref 4.5
change schedule, and the process for assessment and B. Incorrect. Service value streams are “specific combinations
authorization is expedited to ensure they can be implemented of activities and practices, and each one is designed for a
quickly.” Therefore, all emergency changes will be authorized particular scenario” and “Service relationships include service
by a change authority. Ref 5.2.4 provision, service consumption, and service relationship
20 C 6.1.f A. Incorrect. “The purpose of the change enablement practice management.” Ref 4.5, 2.4.1
is to maximize the number of successful service and product C. Incorrect. Service value streams are “specific combinations
changes by ensuring that risks have been properly assessed, of activities and practices, and each one is designed for a
authorizing changes to proceed, and managing the change particular scenario.” There can be multiple service value
schedule.” Ref 5.2.4 streams within one service value chain. Ref 4.5
B. Incorrect. “The purpose of the service request management D. Correct. “These activities represent the steps an
practice is to support the agreed quality of a service by organization takes in the creation of value. Each activity
handling all pre-defined, user-initiated service requests in an transforms inputs into outputs. These inputs can be
effective and user-friendly manner”. Ref 5.2.16 demand from outside the value chain or outputs of other
C. Correct. “The purpose of the release management activities. All the activities are interconnected, with each
practice is to make new and changed services and features activity receiving and providing triggers for further
available for use”. Ref 5.2.9 action.” Ref 4.5
D. Incorrect. “The purpose of the deployment management
practice is to move new or changed hardware, software,
documentation, processes, or any other component to live
environments.” Ref 5.3.1

12 ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. 13
 Q A Syllabus Ref Rationale Q A Syllabus Ref Rationale
23 A 6.1.c A. Correct. “The purpose of the supplier management 25 C 6.1.n A. Incorrect. “The purpose of the problem management
practice is to ensure that the organization’s suppliers and practice is to reduce the likelihood and impact of incidents by
their performance are managed appropriately to support identifying actual and potential causes of incidents, and
the seamless provision of quality products and services”. managing workarounds and known errors.” Ref 5.2.8
Ref 5.1.13 B. Incorrect. “The purpose of the change enablement practice
B. Incorrect. “The purpose of the continual improvement is to maximize the number of successful service and product
practice is to align the organization’s practices and services changes by ensuring that risks have been properly assessed,
with changing business needs through the ongoing authorizing changes to proceed, and managing the change
improvement of products, services, and practices, or any schedule.” Ref 5.2.4
element involved in the management of products and C. Correct. “The purpose of the service desk practice is to
services.” This is not the purpose of the ‘supplier management’ capture demand for incident resolution and service
practice. An organization is unlikely to change its practices to requests. It should also be the entry point and single point
suit a supplier’s needs. Ref 5.1.2 of contact for the service provider with all of its users.” Ref
C. Incorrect. “The purpose of the relationship management 5.2.14
practice is to establish and nurture the links between the D. Incorrect. “The purpose of the service level management
organization and its stakeholders at strategic and tactical practice is to set clear business-based targets for service
levels”. This is not the purpose of the ‘supplier management’ performance, so that the delivery of a service can be properly
practice. Ref 5.1.9 assessed, monitored, and managed against these targets.” Ref
D. Incorrect. “The purpose of the service configuration 5.2.15
management practice is to ensure that accurate and reliable 26 B 7.1.a A. Incorrect. The guidance describes how there are many
information about the configuration of services, and the CIs methods that can be used for improvement initiatives and
that support them, is available when and where it is needed”. warns against using too many. It further states that “Different
This is not the purpose of the ‘supplier management’ practice. types of improvement may call for different improvement
Ref 5.2.11 methods”. Therefore, using a new method each time is
24 B 1.2.a A. Incorrect. The price of the service is only part of the costs inappropriate. Ref 5.1.2
imposed on the consumer. The cost of creating the service is a B. Correct. The guidance describes how there are many
concern of the service provider, not the service consumer. The methods that can be used for improvement initiatives and
service consumer should also evaluate the costs removed from warns against using too many. The guidance states “It is a
the consumer. Ref 2.5.2 good idea to select a few key methods that are
B. Correct. From the service consumer’s perspective, there appropriate to the types of improvement the organization
are two types of costs involved in service relationships: typically handles and to cultivate those methods”. Ref 5.1.2
1. Costs removed from the service consumer by the service C. Incorrect. The guidance describes how there are many
(a part of the value proposition). This may include costs of methods that can used for improvement initiatives and warns
staff, technology, and other resources which are not against using too many. Ref 5.1.2
needed by the consumer. D. Incorrect. The guidance describes how there are many
2. Costs imposed on the consumer by the service (the costs methods that can be used for improvement initiatives and
of service consumption). The total cost of consuming a warns against using too many. It further states that “Different
service includes the price charged by the service provider types of improvements may call for different improvement
(if any), plus other costs such as staff training, costs of methods”. Therefore, selecting a single method is
network utilization, procurement, etc. Ref 2.5.2 inappropriate. Ref 5.1.2
C. Incorrect. The cost of provisioning the service, and the cost
of improving the service are concerns of the service provider,
not the service consumer. The service consumer should
evaluate the costs removed from the consumer and the costs
imposed on the consumer. Ref 2.5.2
D. Incorrect. The two types of cost that a service consumer
should evaluate are costs removed from the consumer and
costs imposed on consumers. The cost of hardware and
software may be included in either of these, but will only be
part of that cost. Ref 2.5.2

14 ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. 15
 Q A Syllabus Ref Rationale Q A Syllabus Ref Rationale
27 D 4.1 A. Incorrect. The seven guiding principles are ‘focus on value’, 30 A 7.1.b A. Correct. “These are low-risk, pre-authorized changes
‘start where you are’, ‘progress iteratively with feedback’, that are well understood and fully documented, and can
‘collaborate and promote visibility’, ‘think and work holistically’, be implemented without needing additional authorization.
‘keep it simple and practical’ and ‘optimize and automate’. Ref They are often initiated as service requests, but may also
4.3 be operational changes. When the procedure for a
B. Incorrect. The four dimensions of service management are standard change is created or modified, there should be a
‘organizations and people’, ‘information and technology’, full risk assessment and authorization as for any other
‘partners and suppliers’, and ‘value streams and processes’. Ref change. This risk assessment does not need to be repeated
3.1-3.4 each time the standard change is implemented; it only
C. Incorrect. The activities of the service value chain are ‘plan’, needs to be done if there is a modification to the way it is
‘improve’, ‘engage’, ‘design and transition’, ‘obtain/build’, and carried out.” Ref 5.2.4
‘deliver and support’. Ref 4.5 B. Incorrect. Normal changes are “changes that need to be
D. Correct. The components of the service value system scheduled, assessed, and authorized.” Ref 5.2.4
are ‘guiding principles’, ‘governance’, ‘service value chain’, C. Incorrect. An emergency change that is needed to resolve an
‘practices’, and ‘continual improvement’. Ref 4.1 incident should still be assessed and authorized. “As far as
28 C 7.1.f A. Incorrect. “With increased automation, AI, robotic process possible, emergency changes should be subject to the same
automation (RPA), and chatbots, service desks are moving to testing, assessment, and authorization as normal changes”. Ref
provide more self-service logging and resolution directly via 5.2.4
online portals and mobile applications.” Ref 5.2.14 D. Incorrect. This is a description of a normal change: “changes
B. Incorrect. “The service desk may not need to be highly that need to be scheduled, assessed, and authorized”. Ref 5.2.4
technical, although some are.” Ref 5.2.14 31 C 7.1.d A. Incorrect. A change request is only raised if it is justified.
C. Correct. “Another key aspect of a good service desk is its “Error control also includes identification of potential
practical understanding of the wider organization, the permanent solutions which may result in a change request for
business processes, and the users.” Ref 5.2.14 implementation of a solution, but only if this can be justified in
D. Incorrect. “In some cases, the service desk is a tangible terms of cost, risks, and benefits”. Ref 5.2.8
team, working in a single location... In other cases, a virtual B. Incorrect. The ‘incident management’ practice restores
service desk allows agents to work from multiple locations, service not the ‘problem management’ practice. “The purpose
geographically dispersed.” Ref 5.2.14 of the incident management practice is to minimize the
29 C 2.2.c A. Incorrect. The ‘Focus on value’ guiding principle helps to negative impact of incidents by restoring normal service
ensure that you consider all aspects of value for the service operation as quickly as possible.”. Ref 5.2.5
consumer, as well as the service provider and other C. Correct. “An effective incident workaround can become
stakeholders. It does not specifically describe organizing work a permanent way of dealing with some problems when
into smaller, manageable sections that can be executed and resolving the problem is not viable or cost-effective. In this
completed in a timely manner. Ref 4.3.1 case, the problem remains in the known error status, and
B. Incorrect. The ‘Start where you are’ guiding principle helps to the documented workaround is applied should related
avoid waste and leverage existing services, processes, people, incidents occur”. Ref 5.2.8
tools, etc. It does not specifically describe organizing work into D. Incorrect. The problem record is not deleted. “Workarounds
smaller, manageable sections that can be executed and are documented in problem records”. “.. the problem remains
completed in a timely manner. Ref 4.3.2 in the known error status, and the documented workaround is
C. Correct. The description of the ‘progress iteratively with applied should related incidents occur”. Ref 5.2.8
feedback’ guiding principle says “by organizing work into
smaller, manageable sections that can be executed and
completed in a timely manner, the focus on each effort
will be sharper and easier to maintain.” Ref 4.3.3
D. Incorrect. The ‘collaborate and promote visibility’ guiding
principle helps to involve the right people and provide better
decision-making and greater likelihood of success. It does not
specifically describe organizing work into smaller, manageable
sections that can be executed and completed in a timely
manner. Ref 4.3.4

16 ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. 17
 Q A Syllabus Ref Rationale Q A Syllabus Ref Rationale
32 A 6.2.d A. Correct. A change is the “addition, modification, or 35 D 3.1.b A. Incorrect. “The challenges of information management, such
removal of anything that could have a direct or indirect as those presented by security and regulatory compliance
effect on services”. Ref 5.2.4 requirements, are also a focus of [the ‘information and
B. Incorrect. “The purpose of the service configuration technology] dimension”. Ref 3.2
management practice is to ensure that accurate and reliable B. Incorrect. “The technologies that support service
information about the configuration of services, and the CIs management include, but are not limited to, workflow
that support them, is available when and where it is needed.” management systems, knowledge bases, inventory systems,
Ref 5.2.11 communication systems, and analytical tools”. Ref 3.2
C. Incorrect. “The purpose of the release management practice C. Incorrect. “The technologies that support service
is to make new and changed services and features available for management include, but are not limited to, workflow
use”. Ref 5.2.9 management systems, knowledge bases, inventory systems,
D. Incorrect. “The purpose of the deployment management communication systems, and analytical tools.” Ref 3.2
practice is to move new or changed hardware, software, D. Correct. “The organizations and people dimension of a
documentation, processes, or any other component to live service covers roles and responsibilities, formal
environments.” Ref 5.3.1 organizational structures, culture, and required staffing
33 A 6.2.b A. Correct. “An event can be defined as any change of state and competencies, all of which are related to the creation,
that has significance for the management of a service or delivery, and improvement of a service.” Ref 3.1
other configuration item (CI)”. Ref 5.2.7 36 D 7.1.d D. Correct.
B. Incorrect. The definition of a configuration item is “any (1) “Problem management activities can identify
component that needs to be managed in order to deliver an IT improvement opportunities in all four dimensions of
service.” Ref 5.2.11 service management. Solutions can in some cases be
C. Incorrect. An incident is “An unplanned interruption to a treated as improvement opportunities, so they are
service or reduction in the quality of a service.” Ref 5.2.5 included in a continual improvement register (CIR), and
D. Incorrect. An IT asset is “Any financially valuable component continual improvement techniques are used to prioritize
that can contribute to the delivery of an IT product or service.” and manage them.”
Ref 5.2.11 (4) “Error control also includes identification of potential
34 C 1.2.d A. Incorrect. “A tangible or intangible deliverable of an activity” permanent solutions which may result in a change request
is the definition of an output, not an outcome. Ref 2.5.1 for implementation of a solution.” Ref 5.2.8
B. Incorrect. “The functionality offered by a product or service A, B C. Incorrect.
to meet a particular need” is the definition of utility, not an (2) “The purpose of the service request management practice is
outcome. The utility of the service may facilitate outcomes. Ref to support the agreed quality of a service by handling all pre-
2.5.4 defined, user-initiated service requests in an effective and
C. Correct. An outcome is “a result for a stakeholder user-friendly manner.” Ref 5.2.16
enabled by one or more outputs”. The definition of a (3) “The purpose of the service level management practice is to
service describes how the value of a service enables value set clear business-based targets for service levels, and to
co-creation by facilitating outcomes that customers want ensure that delivery of services is properly assessed,
to achieve. Ref 2.5.1 monitored, and managed against these targets.” Ref 5.2.15
D. Incorrect. A product is “a configuration of an organization’s
resources designed to offer value for a consumer.” Ref 2.3.1

18 ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. 19
 Q A Syllabus Ref Rationale Q A Syllabus Ref Rationale
37 B 2.2.f A. Incorrect. “Trying to provide a solution for every exception 40 B 1.1.c A. Incorrect. An output is “A tangible or intangible deliverable
will often lead to over-complication. When creating a process of an activity”. Ref 2.5.1
or a service, designers need to think about exceptions, but they B. Correct. Warranty is “assurance that a product or
cannot cover them all. Instead, rules should be designed that service will meet agreed requirements.” Ref 2.5.4
can be used to handle exceptions generally.” Ref 4.3.6 C. Incorrect. A risk is “a possible event that could cause harm or
B. Correct. The ‘keep it simple and practical’ guiding loss, or make it more difficult to achieve objectives”. Ref 2.5.3
principle states: “When analyzing a practice, process, D. Incorrect. Utility is “the functionality offered by a product or
service, metric, or other improvement target, always ask service to meet a particular need”. Ref 2.5.4
whether it contributes to value creation.” Ref 4.3.6.1
C. Incorrect. “When designing, managing, or operating
practices, be mindful of conflicting objectives ... the
organization should agree on a balance between its competing
objectives.” Ref 4.3.6.2
D. Incorrect. “It is better to start with an uncomplicated
approach and then carefully add controls, activities, or metrics
when it is seen that they are truly needed.” Ref 4.3.6.1
38 C 2.2.a A. Incorrect. It is essential to determine who the service
consumer is, and what they value. The outcomes should be
based on this understanding, rather than determining them.
“The first step in focusing on value is knowing who is being
served. In each situation the service provider must, therefore,
determine who the service consumer is”. Ref 4.3.1.1
B. Incorrect. Suppliers and partners are possible stakeholders,
but it is important to identify the service consumer first. “The
first step in focusing on value is knowing who is being served.
In each situation the service provider must, therefore,
determine who the service consumer is”. Ref 4.3.1.1
C. Correct. “The first step in focusing on value is knowing
who is being served. In each situation the service provider
must, therefore, determine who the service consumer is”.
Ref 4.3.1.1
D. Incorrect. The cost of providing the service may have some
impact on the value from the perspective of the service
provider. But “The first step in focusing on value is knowing
who is being served. In each situation the service provider
must, therefore, determine who the service consumer is”. Ref
4.3.1.1
39 D 1.3.a A. Incorrect. The combination of things described in this option
may help to create value, but it is not an example of value.
Value is “the perceived benefits, usefulness and importance of
something.” Ref 2.1
B. Incorrect. The combination of things described in this option
may help to create an outcome, but it is not an example of an
outcome. Outcome is “a result for a stakeholder enabled by
one or more outputs.” Ref 2.5.1
C. Incorrect. Warranty is “assurance that a product or service
will meet agreed requirements.” New functionality may or may
not affect warranty. Ref 2.5.4
D. Correct. Service providers define combinations of goods,
access to resources and service actions, to address the
needs of different consumer groups. These combinations
are called service offerings. Ref 2.3.2

20 ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. 21
 Notes Notes

22 ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. ITIL® 4 Foundation Sample Paper 1 Answers and Rationales | Copyright© PeopleCert International Ltd. 23