Which of the following BEST indicates the success of an enterprise's IT governance framework after implementation?
A. A high percentage of business owners involved with the approval of the IT strategic plan
B. A high percentage of IT systems complying with corporate information security standards
C. A high percentage of IT projects delivered on time and on budget
D. A high percentage of IT investments delivering expected benefits
When considering an IT change that would enable a potential new line of business, the FIRST strategic step for IT governance would be to ensure agreement among the stakeholders regarding:
A. objectives to achieve goals.
B. metrics to measure effectiveness
C. a vision for the future state,
D. a change response plan
An enterprise's chief information officer (CIO) has been receiving complaints from business executives regarding the amount their units are being charged for IT services. To maintain a good relationship with business peers, the CIO wants to be responsive to these complaints. To address this issue, the FIRST step should be to:
A. agree to reduce charge rates and improve relationship management with the business.
B. look into outsourcing of support functions to drive down the cost structure.
C. ask the chief financial officer (CFO) about budget revisions for the business units' IT expenditures.
D. quantify consumption and service level agreement (SLA) achievements per business unit.
The BEST time to identity metrics to measure the performance of an IT-enabled investment is during:
A. system implementation
B. project initiation
C. investment feasibility analysis
D. business case development.
A CIO is concerned with the potential of vendor system failures that could cause a large amount of unintended system downtime. To determine how to prepare for this concern, what is MOST important for the CIO to review?
A. IT balanced scorecard
B. Service-level metrics
C. IT procurement policy
D. Business impact analysis (BIA)
An IT strategy committee has reviewed an audit report indicating sales employees are using personal smartphones to conduct corporate business. Although the committee appreciates the business benefits, it is also concerned with the security risk. To deliver the business benefit, what should be the committee's FIRST recommendation?
A. Document procedures for securing personal devices.
B. Improve training courses on securing corporate information.
C. Perform a risk assessment on personal device data protection.
D. Update the corporate security policy to include personal devices.
Which of the following should be the FIRST step in updating an IT strategic plan?
A. Revise the enterprise architecture (EA).
B. Review IT performance objectives and indicators.
C. Evaluate IT capabilities and resources.
D. Identify changes in enterprise goals.
An enterprise is planning to migrate its IT infrastructure to a cloud-based solution but does not have experience with this technology Which of the following should be done FIRST to reduce the risk of IT service disruptions when using this new technology?
A. Implement key performance indicators (KPIs).
B. Reflect the change in the enterprise architecture (EA).
C. Evaluate the sourcing options.
D. Engage an experienced IT consultant to perform the migration.
The board of a start-up company has directed the CIO to develop a technology resource acquisition and management policy. Which of the following should be the MOST important consideration during the development of this policy?
A. Enterprise growth plans
B. Industry best practices
C. Organizational knowledge retention
D. IT staff competencies
Ben is the project manager of the CMH Project for his organization. He has identified a risk that has a low probability of happening, but the impact of the risk event could save the project and the organization with a significant amount of capital. Ben assigns Laura to the risk event and instructs her to research the time, cost, and method to improve the probability of the positive risk event. Ben then communicates the risk event and response to management. What risk response has been used here?
A. Enhance
B. Transference
C. Sharing
D. Exploit