An enterprise is planning to replace multiple enterprise resource planning (ERP) systems at various regions with one company-wide ERP system. The main objective of this change is to achieve economies of scale efficiencies resulting in cost reductions. To meet this objective, what is the BEST approach in the planning phase of the project?
A. Implement an ERP system on shared resources with the lowest cost.
B. Minimize customization by standardizing ERP processes across regions.
C. Adopt a best in breed web-based architecture for the ERP system.
D. Use a service provider to evaluate and implement the new ERP processes.
Which of the following is the MOST important reason to include internal audit as a stakeholder when establishing clear roles for the governance of IT?
A. Internal audit has knowledge and technical expertise to advise on IT infrastructure.
B. Internal audit is accountable for the overall enterprise governance of IT.
C. Internal audit implements controls over IT risks and security.
D. Internal audit provides input on relevant issues and control processes.
A newly established IT steering committee is concerned whether a system is meeting availability objectives. Which of the following will provide the BEST information to make an assessment?
A. Balanced scorecard
B. Capability maturity levels
C. Performance indicators
D. Critical success factors (CSFs)
Which of the following would a CIO use to present the overall view of IT performance to the board of directors?
A. Balanced scorecard
B. Key risk indicators (KRIs)
C. Maturity model
D. Key performance indicators (KPIs)
It has been discovered that multiple business units across an enterprise are using duplicate IT applications and services to fulfill their individual needs. Which of the following would be MOST helpful to address this concern?
A. Enterprise architecture (EA)
B. Enterprise risk framework
C. IT service management
D. IT project roadmap
Establishing a uniform definition for likelihood and impact BEST enables an enterprise to:
A. reduce variance in the assessment of risk.
B. develop key risk indicators (KRIs).
C. prioritize threat assessment.
D. reduce risk appetite and tolerance levels.
During an IT strategy review, a new CIO determined that numerous important internal processes have not been updated for several years and should be reexamined. Which of the following would be the BEST approach to address this concern?
A. Implement a process review policy.
B. Assemble a project review team
C. Verify that the processes are still needed
D. Map the processes to a capability maturity model.
Which of the following is the PRIMARY ongoing responsibility of the IT governance function related to risk?
A. Responding to and controlling all IT risk events
B. Communicating the enterprise risk management plan
C. Ensuring IT risk management is aligned with business risk appetite
D. Verifying that all business units have staff skilled at assessing risk
Which of the following should be the PRIMARY consideration for an enterprise when prioritizing IT projects?
A. Technical capability of the enterprise to execute the projects
B. Process owner expectations based on operational benefits
C. Results of IT performance benchmarks against competitors
D. Impact on the business due to expected project outcomes
A review of the effectiveness of IT governance within an enterprise has revealed that several innovation improvement initiatives are failing. An analysis shows a lack of stakeholder buy-in to the improvements. Implementing which of the following would have prevented this problem?
A. An IT project roadmap
B. An IT risk management program
C. A change management program
D. A service delivery framework
Which of the following is the BEST way for a CIO to secure support for a strategy to achieve long-term IT objectives?
A. Make the necessary strategic decisions and notify staff accordingly.
B. Develop tactics to implement the strategy and share with stakeholders.
C. Develop a communication plan for distribution of information to staff.
D. Meet with stakeholders to explain the strategy and incorporate feedback.
An enterprise has performed a business impact analysis (BIA) considering a number of risk scenarios Which of the following should the enterpnse do NEXT?
A. Perform a risk controls gap analysis
B. Update the disaster recovery plan (DRP)
C. Verify compliance with relevant legislation
D. Assess risk mitigation strategies
Which of the following will BEST enable an IT steering committee to monitor the achievement of overall IT objectives on a continuous basis?
A. Defined service level agreements (SLAs)
B. Project portfolio dashboards
C. Key performance indicators (KPIs)
D. IT user survey results
Which of the following is MOST important to consider when planning to implement a cloud- based application for sharing documents with internal and external parties?
A. Cloud implementation model
B. User experience
C. Information ownership
D. Third-party access rights
A government agency plans to use predictive analytics to improve the quality of its services. The IT director is confident they have selected the right tool and can acquire appropriate resources to support the business need. Which of the following should be the director's NEXT course of action?
A. Ensure job descriptions are available for newly-hired IT resources.
B. Ensure IT has the appropriate processes in place.
C. Implement a balanced scorecard to measure service quality.
D. Establish a data governance council that includes IT senior management.