Which of the following roles has PRIMARY accountability for the security related to data assets?

A. Security architect
B. Database administrator
C. Data owner
D. Data analyst

The use of new technology in an enterprise will require specific expertise and updated system development processes. There is concern that IT is not properly sourced. Which of the following should be the FIRST course of action?

A. Update the enterprise architecture (EA) with the new technology.
B. Review the IT balanced scorecard for sourcing opportunities.
C. Assess the gap between current and required staff competencies.
D. Perform a risk assessment on potential outsourcing.

A large organization with branches across many countries is in the midst of an enterprise resource planning (ERP) transformation. The IT organization receives news that the branches in a country where the impact to the enterprise is to be greatest are being sold. What should be the NEXT step?

A. Update the ERP business case and re-evaluate the ROI.
B. Continue with the ERP migration according to plan.
C. Cancel the ERP transformation and re-allocate project funds.
D. Adjust the ERP implementation plan and budget.

A rail transport company has the worst on-time arrival record in the industry due to an antiquated IT system that controls scheduling. Despite employee resistance, an initiative to upgrade the technology and related processes has been approved. To maximize employee engagement throughout the project, which of the following should be in place prior to the start of the initiative?

A. Procurement management plan
B. Risk response plan
C. Organizational change management plan
D. Resource management plan

Supply chain management has established a supplier policy requiring multiple technology suppliers. What is the BEST way to ensure the success of this policy?

A. Implement a master service agreement.
B. Align enterprise architecture (EA) and procurement strategies.
C. Identify and select suppliers based on cost.
D. Align the vendor selection process with the security policy.

Which of the following will BEST enable an IT steering committee to monitor the achievement of overall IT objectives on a continuous basis?

A. Project portfolio dashboards
B. Key performance indicators (KPIs)
C. IT user survey results
D. Defined service level agreements (SLAs)

The CIO of an enterprise learns the payroll server of a competitor has been the victim of ransomware. To help plan for the possibility of ransomed corporate data, what should be the CIO's FIRST course of action?

A. Back up corporate data to a secure location.
B. Develop a policy to address ransomware.
C. Require development of key risk indicators (KRIs).
D. Request a targeted risk assessment.

An enterprise has made the strategic decision to reduce operating costs for the next year and is taking advantage of cost reductions offered by an external cloud service provider. Which of the following should be the IT steering committee's PRIMARY concern?

A. Calculating the cost of the current solution
B. Changing the IT steering committee charter
C. Revising the business's balanced scorecard
D. Updating the business risk profile

Which of the following is the BEST way to ensure the continued usefulness of IT governance reports for stakeholders?

A. Establish a standard process for providing feedback.
B. Rely on IT leaders to advise when adjustments should be made.
C. Issue frequent service level satisfaction surveys.
D. Conduct quarterly audits and adjust reporting based on findings.

A software company's products have had significant quality issues in recent releases. As a result, market reputation and customer satisfaction ratings have been suffering. What should executive leadership do FIRST to address this concern?

A. Allocate budget to hire more software and quality assurance specialists.
B. Require a root cause analysis and review results.
C. Implement a software development life cycle (SDLC) framework.
D. Mandate more robust software testing prior to release.