An enterprise made a significant change to its business operating model that resulted in a new strategic direction. Which of the following should be reviewed FIRST to ensure IT congruence with the new business strategy?

A. IT investment portfolio
B. Information systems architecture
C. Enterprise project management framework
D. IT risk appetite

Which of the following provides the MOST comprehensive insight into the effectiveness of IT?

A. IT strategy
B. IT balanced scorecard
C. Key risk indicators (KRIs)
D. Return on investment (ROI)

Following a re-prioritization of business objectives by management, which of the following should be performed FIRST to allocate resources to IT processes?

A. Perform a maturity assessment.
B. Implement a RACI model.
C. Refine the human resource management plan.
D. Update the IT strategy.

A board of directors has just received a report indicating that only a small number of IT initiatives have been completed on time and within budget. A third of the projects were cancelled prior to completion, and more than half will cost almost double their original estimates. An analysis has determined that no one is held responsible for the completion of investment initiatives, and there is no consistency in execution. Which of the following would BEST help the enterprise address these problems?

A. Aligning IT investment priorities to the business
B. Establishing a project governance framework
C. Assigning business management to an IT investment review board
D. Establishing an IT risk management plan

An enterprise-wide strategic plan has been approved by the board of directors. Which of the following would BEST support the planning of IT investments required for the enterprise?

A. Service-oriented architecture
B. Contingency planning
C. Enterprise architecture (EA)
D. Enterprise balanced scorecard

An enterprise incurred penalties for noncompliance with privacy regulations. Which of the following is MOST important to ensure appropriate ownership of access controls to address this deficiency?

A. Engaging an audit of logical access controls and related security policies
B. Authenticating access to information assets based on roles or business rules
C. Implementing multi-factor authentication controls
D. Granting access to information based on information architecture

A newly hired CIO has been given projects of strategic importance along with operational responsibility for infrastructure. What are the two MOST important areas to be communicated to senior management?

A. Value delivery and risks
B. Project and change management
C. ROI and security accreditation
D. On-time and on-budget

An IT manager is trying to determine optimal IT service levels. Which of the following should be the PRIMARY consideration?

A. Cost-benefit analysis
B. Recovery time objective (RTO)
C. Internal rate of return
D. Resource utilization analysis

A business is considering a policy to anonymize personal data in enterprise systems. Before making a decision, which of the following is MOST important for the IT steering committee to consider?

A. Regulatory requirements
B. Sustainability costs to the enterprise
C. Potential implementation barriers
D. Business impact analysis (BIA) results

An executive sponsor of a partially completed IT project has learned that the financial assumptions supporting the project have changed. Which of the following governance actions should be taken FIRST?

A. Schedule an interim project review.
B. Request a risk assessment.
C. Re-evaluate the project in the portfolio.
D. Request an update to the business case.