Which of the following would provide the BEST input for prioritizing strategic IT improvement initiatives?

A. Business case evaluation
B. Business process analysis
C. Business impact analysis
D. Business dependency assessment

Which of the following BEST enables the alignment of IT and enterprise strategy?

A. Project portfolio management
B. IT resource planning
C. IT performance monitoring and reporting
D. Enterprise compliance audits

To meet the growing demands of a newly established business unit, IT senior management has been tasked with changing the current IT organization model to service-oriented. With significant growth expected of the IT organization, which of the following is the MOST important consideration when planning for long-term IT service delivery?

A. The IT organization is able to sustain business requirements.
B. IT is able to provide a comprehensive service catalog to the business.
C. The IT service delivery model is approved by the business.
D. An IT risk management process is in place.

Which of the following BEST indicates that a change management process has been implemented successfully?

A. Degree of control
B. Outcome measures
C. Process performance
D. Maturity levels

An enterprise's strategic change requires an IT strategic initiative re-evaluation. Which of the following BEST indicates that an established IT governance framework could handle the re-evaluation?

A. Creation of an IT steering committee to align the IT strategic initiatives to the recent change
B. Inclusion of IT portfolio management procedures with strategic change review activities
C. Development of a business case to evaluate the impact of the strategic change
D. Holding IT investments until an analysis of the strategic change impact was complete

Which of the following should be the FIRST step for executive management to take in communicating what is considered acceptable use with regard to personally owned devices for company business?

A. Post awareness messages throughout the facility.
B. Develop and disseminate an applicable policy.
C. Provide training on how to protect data on personal devices.
D. Require employees to read and sign a disclaimer.

Before establishing IT key risk indicators, which of the following should be defined FIRST?

A. IT risk and security framework
B. IT key performance indicators
C. IT goals and objectives
D. IT resource strategy

When assessing the impact of a new regulatory requirement, which of the following should be the FIRST course of action?

A. Update affected IT policies.
B. Implement new regulatory requirements.
C. Assess the budget impact of the new regulation.
D. Map the regulation to business processes.

A large enterprise's IT department has identified a new risk management solution that would significantly enhance IT risk monitoring processes. However, there is a business perception that the new solution would not provide a visible benefit to the enterprise. Which of the following is the BEST way to gain business support?

A. Articulate the business value of the new solution.
B. Promote the IT benefits and the streamlining of processes.
C. Provide real time risk reporting to the business.
D. Obtain sign-off on a reduced headcount over the next five years.

Which of the following will BEST enable an enterprise to convey IT governance direction and objectives?

A. Corporate culture
B. Business processes
C. Principles and policies
D. Skills and competencies