A.  

Risk response strategy

B.  

Enterprise's risk appetite

C.  

Risk management framework

D.  

Key risk indicators (KRIs)

A.  

Managed digital transformation programs

B.  

Portfolio of competitive products and services

C.  

Quality of management information

D.  

Optimization of business process costs

A.  

Concluding the governance system design

B.  

Refining the scope

C.  

Determining the initial scope

D.  

Understanding the enterprise strategy

A.  

IT trends that could be used in favor of the enterprise

B.  

Service delivery problems by IT outsourcers

C.  

Geopolitical situations affecting the enterprise

D.  

Potential new competitors entering the market

A.  

Enterprise strategy

B.  

Enterprise goals

C.  

Threat landscape

D.  

Geopolitical situation

A.  

Conduct stage gate reviews during implementation.

B.  

Establish a return on investment (ROI)target.

C.  

Monitor key risk indicators (KRIs).

D.  

Define operational performance metrics.

A.  

Defining improvement opportunities

B.  

Creating a capability maturity model

C.  

Performing a SWOT analysis

D.  

Conducting a gap analysis.

A.  

Make EGIT a discussion issue for the board and related committees.

B.  

Require IT management to define the expected value from IT without input from stakeholders.

C.  

Establish EGIT as the solution for all IT-related problems.

D.  

Encourage the use of short-term solutions to address current IT problems.

A.  

Identify software alternatives to document the scope.

B.  

Determine whether or not each design factor is applicable

C.  

Select the stakeholders involved in the governance system design.

D.  

Invite key stakeholders to update the scope.

A.  

Ensure the implementation includes the full scope of activities required.

B.  

Provide guidance on risk and compliance issues identified during implementation.

C.  

Monitor the implementation and provide direction when necessary.

D.  

Take ownership for business participation in the implementation.

A.  

The IT strategic plan

B.  

A matrixed scoring methodology

C.  

The enterprises risk tolerance

D.  

Expected performance outcomes

A.  

developing metrics to monitor l&T performance.

B.  

identifying potential process improvements.

C.  

identifying key enterprise and supporting alignment goals.

D.  

raising executive awareness of IT and the value of EGIT.

A.  

Managed data (AP014)

B.  

Managed enterprise architecture

C.  

Managed risk

D.  

Managed IT changes

A.  

When the enterprise requires a broad, holistic, and comprehensive view of its governance system

B.  

When key stakeholders cannot agree on governance objectives, strategy, and priorities

C.  

When the enterprise needs to focus on one key initiative requiring a major investment

D.  

When the enterprise must meet complex regulatory requirements for which the enterprise is not currently in compliance

A.  

Shifts in the market or economy

B.  

Merger, acquisition, or divestitureC New business strategy or priority

C.  

External consultant assessment

A.  

I&T security

B.  

Executive leadership team

C.  

Legal office

D.  

Procurement office

A.  

Cost

B.  

Stability

C.  

Innovation

D.  

Growth

A.  

What needs to be done?

B.  

Where do we want to be?

C.  

How do we get there?

D.  

Where are we now?

A.  

Process activities

B.  

Process metrics

C.  

Process practices

D.  

Process purpose

A.  

Ensured risk optimization (EDM03)

B.  

Ensured stakeholder engagement (EDM05)

C.  

Ensured resource optimization (EDM04)

D.  

Ensured benefits delivery (EDM02)

A.  

Continuing to regularly communicate the need for good governance

B.  

Delegating responsibility for EGIT to external resources

C.  

Focusing resources on service delivery rather than process improvement

D.  

Operating EGIT independently and outside the course of normal business practice

A.  

IT managers and IT process owners

B.  

The CIO and business executives

C.  

The risk and compliance function and IT audit

D.  

The board of directors and the program steering committee

A.  

To identify areas of risk that require mitigation

B.  

To identify areas of risk that exceed risk appetite

C.  

To identify areas of risk that cause technology disruption

D.  

To identify areas of risk that impact business continuity

A.  

How do we get there?

B.  

Where are we now?

C.  

What needs to be done?

D.  

Did we get there?

A.  

IT managers

B.  

IT process owners

C.  

Program steering committee

D.  

ICIO

A.  

An enterprise structure that includes business involvement from tactical and operational levels

B.  

Failure to identify and justify the cost of investment to the perceived benefits

C.  

Too much enterprise emphasis on change enablement and consensus building

D.  

Existence of too many process improvement performance metrics

A.  

Enterprise risk committee

B.  

Executive committee

C.  

Business owners

D.  

Portfolio management

A.  

Ranking of enterprise and alignment goals

B.  

Capability levels for processes

C.  

Prioritization of governance and management objectives

D.  

Selection of the technology adoption strategy

A.  

Information security

B.  

Digital transformation

C.  

DevOps

D.  

Cloud

A.  

Identification of process improvement opportunities

B.  

Identification and mitigation of all identified risks

C.  

Development of enterprise goals that align to established targets

D.  

Development of a business case outline

A.  

Implement a governance framework that is strictly aligned to industry standards.

B.  

Realize a governance system that is tailored to their needs.

C.  

Design a governance system that focuses primarily on compliance requirements.

D.  

Ensure each of the stages and steps in the design process are closely adhered to.