A.  

It provides a means for calculating the cost/benefit associated with prioritized governance and management objectives.

B.  

It indicates the relevance of a governance or management objective with a particular design factor.

C.  

It indicates the degree of alignment of each governance and management objective with enterprise strategy.

D.  

It provides a high level view of the importance of governance and management objectives for presentation purposes.

A.  

Completion of EGIT project implementation regardless of the amount of time required

B.  

Transition of EGIT projects into the enterprise's normal development life cycle

C.  

Development of a record of unapproved EGIT projects

D.  

Mitigation of all risks associated with the implementation of EGIT projects

A.  

Enterprise process practices and activities

B.  

Enterprise roles and organizational structures

C.  

Enterprise procedures and job descriptions

A.  

Internal

B.  

Learning and growth

C.  

Customer

A.  

Organizational structures

B.  

People, skills and competencies

C.  

Principles, policies and frameworks

A.  

Include a scope statement in the business case.

B.  

Add key performance indicators (KPIs) to a balanced scorecard.

C.  

Generate an IT governance policy.

A.  

A well-developed business case

B.  

Earned value management reporting

C.  

Stage gate reviews by a governance team

A.  

DSS03 Managed Problems

B.  

APO10 Managed Vendors

C.  

AP014 Managed Data

D.  

BAI11 Managed Projects

A.  

Maintaining integrity and consistency

B.  

Aligning with internal IT policies and procedures

C.  

Identifying related industry standards

A.  

Managed innovation (APO04)

B.  

Managed quality (AP011)

C.  

Managed relationships (APO08)

D.  

Managed budget and costs (APO06)

A.  

Avoiding technological obsolescence

B.  

Enhancing brand reputation

C.  

Improving customer experience

A.  

All projects

B.  

Only projects that require corrective action

C.  

All projects deemed appropriate by IT management

D.  

Only projects that are achieving desired results

A.  

IT managers and IT process owners

B.  

CIO and program steering committee

C.  

Board of directors and business executives

D.  

Risk and compliance function and IT audit

A.  

Building plans to align with the direction set by the governance body

B.  

Monitoring activities designed to achieve enterprise objectives

C.  

Evaluating stakeholder needs to determine enterprise objectives

A.  

Culture, ethics and behavior

B.  

People, skills and competencies

C.  

Information flow and items

A.  

Obtaining executive management support for IT governance

B.  

Identifying further governance requirements

C.  

Evaluating business performance reports

A.  

Maturity level

B.  

Key goal indicator

C.  

Process capability rating

A.  

Design factor

B.  

Focus area

C.  

Enablers

A.  

Accountability can be delegated.

B.  

Accountability must be approved by the board.

C.  

Accountability cannot be shared.

A.  

Individual business units

B.  

External regulators

C.  

The board

A.  

A clearly defined I&T management structure

B.  

An actionable strategy and governance system

C.  

Well-documented and monitored business processes

A.  

Culture, ethics and behavior

B.  

People, skills and competencies

C.  

Principles, policies and frameworks

A.  

The governance framework should be rigorous and focus exclusively on prioritized existing issues.

B.  

The governance framework should be based on a single relevant standard, framework or regulation.

C.  

The governance framework should allow for flexibility in addressing new issues.

A.  

Board of directors

B.  

IT process owners

C.  

IT audit department

D.  

CIO

A.  

When denning potential implementation problems and opportunities

B.  

When executing the EGIT implementation program plan

C.  

When developing the EGIT implementation program plan

D.  

When defining the EGIT Implementation Road map

A.  

The size of the enterprise

B.  

National or international locations

C.  

Cloud versus on-premises services

A.  

By defining organizational structure with specific roles and responsibilities

B.  

By setting performance metrics for enabler goals

C.  

By providing clear definition of the processes and required activities

A.  

The CIO and the program steering committee

B.  

Business executives and the l&I governance board

C.  

IT managers and IT process owners

D.  

The risk and compliance function and IT audit

A.  

Review governance objectives that correspond to high compliance requirements.

B.  

Reconcile inherent priority conflicts.

C.  

Define target capability levels for the most critical objectives.

D.  

Refine the scope of the governance system.

A.  

Financial

B.  

Internal

C.  

Customer

A.  

Financial sector

B.  

Public sector agencies

C.  

Nonprofit enterprises

D.  

Health care providers

A.  

People, skills and competencies

B.  

Processes

C.  

Principles, policies and frameworks

A.  

Perform a process risk assessment

B.  

Calculate return on investment (ROI)

C.  

Conduct a capabilities assessment

A.  

Procurement office

B.  

l&T security

C.  

Executive leadership team

D.  

Legal office

A.  

Sans Security Policy Framework

B.  

Cyber Security Framework

C.  

Skills Framework for the Information Age

A.  

IT management

B.  

Business management

C.  

Human resources

D.  

Board and executives

A.  

Risk response strategy

B.  

Key risk indicators (KRIs)

C.  

Enterprise's risk appetite

D.  

Risk management framework

A.  

Where are we now?

B.  

How do we get there?

C.  

Where do we want to be?

D.  

What are the drivers?

A.  

the ratio of costs versus achieved service levels.

B.  

a balance among benefits, risk and resources.

C.  

maximized financial benefits to the investment portfolio.

A.  

Turnaround

B.  

Strategic

C.  

Support

A.  

Financial

B.  

Growth

C.  

Internal

A.  

Delivery of programs on time and on budget

B.  

Product and business innovation

C.  

Quality of management information

A.  

Learning and Growth

B.  

Customer

C.  

Internal

A.  

To better understand the current state as compared to the target

B.  

To better understand the cost of implementing the improved process

C.  

To better understand the current level of risk versus future risk

A.  

IT governance identifies benchmarking standards.

B.  

IT governance includes identification of business risk.

C.  

IT governance is sponsored by executives.

A.  

Lack of consequences for not attending

B.  

Failure to utilize program management principles

C.  

Lack of senior leadership commitment

A.  

Culture, ethics and behavior

B.  

Principles, policies and frameworks

C.  

People, skills and competencies

A.  

Performance management

B.  

Enterprise goals

C.  

Risk frameworks

D.  

Implementation costs

A.  

Adapt the COBIT roles and organizational structures.

B.  

Revise the organizational hierarchy with job descriptions.

C.  

Add two levels of involvement for consulted and informed.

A.  

Growth

B.  

Customer

C.  

Internal

A.  

To document I&T business objectives and processes

B.  

To deliver stakeholder value from I&T-enabled investments

C.  

To comply with I&T regulatory requirements

A.  

design a governance system that focuses primarily on compliance requirements,

B.  

ensure each of the stages and steps in the design process are closely adhered to.

C.  

implement a governance framework that is strictly aligned to industry standards.

D.  

realize a governance system that is tailored to their needs.

A.  

Risk response document

B.  

Identified quick wins

C.  

High-level program plan

D.  

Detailed business case

A.  

Realization of benefits at a controlled resource cost while controlling risk

B.  

Realization of benefits at an optimal resource cost while optimizing risk

C.  

Realization of benefits at a reduced resource cost while mitigating risk

A.  

individual business unit goals.

B.  

IT-specific goals.

C.  

larger enterprise goals.