Question 1

This type of organization management is where IT controls most of its IT infrastructure in one location.&#10;A) Distributed IS organization&#10;B) Decentralized IS organization&#10;C) Federalism&#10;D) Joint-Control IS organization&#10;E) Centralized IS organization

Accepted Answer

A centralized IS organization is where IT controls most of its IT infrastructure in one location.

Question 2

Most companies would like to obtain the advantages derived from both centralized and decentralized organizational paradigms. What type of IT governance model would best help them to achieve this goal?&#10;A) Distributed Control&#10;B) Decentralized&#10;C) Federalism&#10;D) Joint-Control&#10;E) Centralized

Accepted Answer

The federalism IT governance model provides a balance between centralization and decentralization. In this model, decision-making power is shared between central IT leadership and business units, allowing for both flexibility and consistency across the organization. This allows companies to obtain the advantages of both centralized and decentralized paradigms.

Question 3

IT decisions have been categorized by Peter Weill and Jeanne Ross.These categories include all of the following EXCEPT:&#10;A) IT principles&#10;B) IT architecture&#10;C) IT infrastructure&#10;D) Business application needs&#10;E) IT security

Accepted Answer

E

Question 4

______________ organizations scatter IT components in different locations to address local business needs.&#10;A) Distributed Control&#10;B) Decentralized&#10;C) Federalism&#10;D) Joint-Control&#10;E) Centralized

Accepted Answer

Decentralized organizations scatter IT components in different locations to address local business needs, as opposed to a centralized organization that would have all IT components in one central location. Distributed control refers to a type of organizational structure where decision-making authority is spread out among various levels and departments rather than centralized in one specific area. Federalism is a political philosophy where power is divided between a central government and local/state governments. Joint-control is a term that could refer to shared ownership or shared decision-making between different entities, but it does not specifically relate to IT components or organizational structure.

Question 5

All of the following are frameworks for implementing Sarbanes-Oxley compliance EXCEPT:&#10;A) COSO&#10;B) BCP&#10;C) COBIT&#10;D) ITIL&#10;E) Committee for Sponsoring Organization of the Treadway Commission

Accepted Answer

BCP refers to Business Continuity Planning, which is not a framework specific to Sarbanes-Oxley compliance. The other options listed are all frameworks that can be used for implementing Sarbanes-Oxley compliance.

Question 6

The IT Governance Council reports directly to the board of directors or the ________.&#10;A) CIO&#10;B) CTO&#10;C) CEO&#10;D) COO&#10;E) CFO

Accepted Answer

The IT Governance Council typically reports directly to the CEO or to the board of directors, as they are responsible for making important decisions related to the overall strategy, management, and investment in IT within the organization. The other options listed (CIO, CTO, COO, CFO) may have some involvement in IT governance, but they are not typically the ones who oversee the council.

Question 7

________ of the 1980's allowed computing power to spread and gave rise to a decentralized approach to IT governance.&#10;A) Servers&#10;B) Mainframes&#10;C) Networks&#10;D) PCs&#10;E) The WWW

Accepted Answer

The introduction and widespread adoption of personal computers (PCs) in the 1980s allowed computing power to be distributed among many individuals and departments within organizations. This led to a decentralized approach to IT governance where individual users and departments had more control over their own computing needs, rather than relying on a centralized mainframe or server.

Question 8

________ of the 1960's dictated a centralized approach to IT governance.&#10;A) Servers&#10;B) Mainframes&#10;C) Networks&#10;D) PCs&#10;E) The WWW

Accepted Answer

Mainframes were the dominant computing technology during the 1960s and their architecture favored a centralized approach to IT governance.

Question 9

IT organizations implement powerful information systems like ERP and SCM that provide centralized data repositories.In addition,IT organizations provide business units with tools that individuals can use to report on and analyze collected data.This IT governance approach is best described as: ________.

A) Distributed Control
B) Decentralized
C) Federalism
D) Joint-Control
E) Centralized

Accepted Answer

The answer of IT organizations implement powerful information systems like...

Question 10

This is a balanced approach to managing a company's IT organization.&#10;A) Centralization&#10;B) Decentralization&#10;C) Federalism&#10;D) Joint-Control&#10;E) Business Centricity

Accepted Answer

The answer of This is a balanced approach to managing...

Question 11

Which one of the following can be said about IT security policies?&#10;A) IT security policies define the scope and overall expectation for the company's information security program.&#10;B) IT security policies discourage standardization and integration.&#10;C) IT security policies require an IT-only perspective.&#10;D) IT security policies complicate the decision-making process.&#10;E) IT security policies are loose to allow for many choices.

Accepted Answer

The answer of Which one of the following can be...

Question 12

The decisions that set the foundation for IT capabilities shared throughout an organization fall into which one of the five major IT decision categories?&#10;A) IT principles&#10;B) IT architecture&#10;C) IT infrastructure&#10;D) Business application needs&#10;E) IT investment and prioritization

Accepted Answer

The answer of The decisions that set the foundation for...

Question 13

The Sarbanes-Oxley Act of 2002 was primarily aimed at which functional unit of a corporation?&#10;A) Marketing&#10;B) Production&#10;C) Sales&#10;D) IT&#10;E) Finance

Accepted Answer

The answer of The Sarbanes-Oxley Act of 2002 was primarily...

Question 14

Bob has been tasked with creating a plan to keep his company functioning in case of emergency. He needs to create which ONE of the following plans?&#10;A) Security Policy&#10;B) Emergency Preparedness Plan&#10;C) Disaster Continuity Plan&#10;D) Collateral Damage Plan&#10;E) Business Continuity Plan

Accepted Answer

The answer of Bob has been tasked with creating a...

Question 15

After its PlayStation Network service was compromised,Sony realized that it needed to establish better ____________ governance.&#10;A) employee&#10;B) customer&#10;C) security&#10;D) IT&#10;E) data

Accepted Answer

The answer of After its PlayStation Network service was compromised,Sony...

Question 16

The decision about approval and justification of new technologies would fall into which one of the five major IT decision categories?&#10;A) IT principles&#10;B) IT architecture&#10;C) IT infrastructure&#10;D) Business application needs&#10;E) IT investment and prioritization

Accepted Answer

The answer of The decision about approval and justification of...

Question 17

What is a steering committee at the highest level called?&#10;A) Executive Steering Committee&#10;B) IT Governance Council&#10;C) Executive Council of IT&#10;D) Systems Steering Council&#10;E) Chief Steering Committee

Accepted Answer

The answer of What is a steering committee at the...

Question 18

This is an IT governance framework that is consistent with COSO controls.&#10;A) HIPPA&#10;B) COBIT&#10;C) SoX&#10;D) ISACA&#10;E) ISO

Accepted Answer

The answer of This is an IT governance framework that...

Question 19

IT governance has two major components: the assignment of decision-making authority and responsibility,and the __________________________.&#10;A) cost considerations&#10;B) decision rights&#10;C) business plan&#10;D) capability maturity model&#10;E) decision-making mechanisms

Accepted Answer

The answer of IT governance has two major components: the...

Question 20

All of the following are mechanisms that can be created to ensure good IT governance EXCEPT:&#10;A) Policies&#10;B) Review boards&#10;C) Steering Committees&#10;D) Consultants&#10;E) IT Governance Council

Accepted Answer

The answer of All of the following are mechanisms that...

Question 21

This is a highly specific measurement used to indicate whether business process goalsare being met.

Accepted Answer

The answer of This is a highly specific measurement used...

Question 22

The establishment of information security policies requires IT leaders to set security standards and business leaders to understand the implications for users and business processes.Therefore,the IT governance archetype recommended in this situation is which one of the following?

A) Business monarchy
B) IT monarchy
C) Feudal
D) Federal
E) IT Duopoly

Accepted Answer

The answer of The establishment of information security policies requires...

Question 23

Security strategy is not a technical decision.

Accepted Answer

The answer of Security strategy is not a technical decision....

Question 24

A steering committee is geared only towards the highest level of the organization and reports directly to the board of directors or the CEO.

Accepted Answer

The answer of A steering committee is geared only towards...

Question 25

This is a committee that is formally designated to approve,monitor and review specific topics that ensure IT governance.

Accepted Answer

The answer of This is a committee that is formally...

Question 26

A steering committee works especially well with this particular IT governance archetype.&#10;A) Business monarchy&#10;B) IT monarchy&#10;C) Feudal&#10;D) Federal&#10;E) IT Duopoly

Accepted Answer

The answer of A steering committee works especially well with...

Question 27

Business continuity planning must be designed to respond to its biggest threat,which is disgruntled or dishonest employees.

Accepted Answer

The answer of Business continuity planning must be designed to...

Question 28

Information security infrastructure decisions deal with technology selection and configuration.Therefore,the IT governance archetype recommended in this situation is which one of the following?&#10;A) Business monarchy&#10;B) IT monarchy&#10;C) Feudal&#10;D) Federal&#10;E) IT Duopoly

Accepted Answer

The answer of Information security infrastructure decisions deal with technology...

Question 29

This term is used to describe the increasingly powerful tools available to consumers that are impacting corporations.

Accepted Answer

The answer of This term is used to describe the...

Question 30

The global nature of business today makes complete centralization impossible.

Accepted Answer

The answer of The global nature of business today makes...

Question 31

IT plays a major role in ensuring the accuracy of financial data.

Accepted Answer

The answer of IT plays a major role in ensuring...

Question 32

As a result of Sarbanes-Oxley Act,the CEO,CFO and CIO must certify financial accounting records.

Accepted Answer

The answer of As a result of Sarbanes-Oxley Act,the CEO,CFO...

Question 33

As a result of Sarbanes-Oxley,IT managers are now required to manage the level of controls needed to mitigate risk in business processes.

Accepted Answer

The answer of As a result of Sarbanes-Oxley,IT managers are...

Question 34

This IT governance archetype consists of C-level executives and at least one other business group.An IT executive may be an additional participant.&#10;A) Business monarchy&#10;B) IT monarchy&#10;C) Feudal&#10;D) Federal&#10;E) IT Duopoly

Accepted Answer

The answer of This IT governance archetype consists of C-level...

Question 35

The combinations of people to whom decision rights are allocated are classified by various IT governance ________.

Accepted Answer

The answer of The combinations of people to whom decision...

Question 36

What act was passed in 2002 in response to the rogue accounting activities of major global corporations such as Enron,Worldcom and their accounting firm Arthur Andersen?

Accepted Answer

The answer of What act was passed in 2002 in...

Question 37

This is the act through which behavior is aligned with business goals through empowerment and monitoring.

Accepted Answer

The answer of This is the act through which behavior...

Question 38

This IT governance archetype consists only of business unit leaders,key process owners,or their delegates.

Accepted Answer

The answer of This IT governance archetype consists only of...

Question 39

The US Army is embracing BYOD by launching a program to ensure soldiers have the appropriate decision rights to select his/her computing device.

Accepted Answer

The answer of The US Army is embracing BYOD by...

Question 40

This IT governance archetype consists of IT individuals or groups of IT executives.&#10;A) Business monarchy&#10;B) IT monarchy&#10;C) Feudal&#10;D) Federal&#10;E) IT Duopoly

Accepted Answer

The answer of This IT governance archetype consists of IT...

Question 41

Explain the value steering committees offer the IT organization.

Accepted Answer

The answer of Explain the value steering committees offer the...

Question 42

Explain how federalism is able to capture the benefits of centralized and decentralized IT governance while eliminating the drawbacks of each.

Accepted Answer

The answer of Explain how federalism is able to capture...

Question 43

Detail the 3 stages of business continuity planning.&#10;Matching

Accepted Answer

The answer of Detail the 3 stages of business continuity...

Question 44

Match the disadvantages below as either being associated with a centralized IT governance approach or a decentralized IT governance approach.&#10;

Accepted Answer

The answer of Match the disadvantages below as either being...

Question 45

Match the allocation of decision rights below with the IT governance archetype it represents.&#10;

Accepted Answer

The answer of Match the allocation of decision rights below...

Question 46

Explain the role the IT organization has in ensuring a company's Sarbanes-Oxley compliance.

Accepted Answer

The answer of Explain the role the IT organization has...

Question 47

Match the advantages below as either being associated with a centralized IT governance approach or a decentralized IT governance approach.&#10;

Accepted Answer

The answer of Match the advantages below as either being...

Question 48

Define federalism as it pertains to organizational structures. How does it improve on the centralized model?

Accepted Answer

The answer of Define federalism as it pertains to organizational...

Question 49

Match the organization with the IT governance approach it has chosen.&#10;

Accepted Answer

The answer of Match the organization with the IT governance...

Question 50

Review the description of 3 different IT organizations and map the organization's design to the IT governance model it best represents.&#10;

Accepted Answer

The answer of Review the description of 3 different IT...

Question 51

Why is it recommended that the IT governance archetype for an organization's information security strategy be business monarch?

Accepted Answer

The answer of Why is it recommended that the IT...

Question 52

Match the SoX compliance methodology with its description.&#10;

Accepted Answer

The answer of Match the SoX compliance methodology with its...

Deck 8: Governance of the Information Systems Organization