The PRIMARY reason for using quantitative criteria in developing business cases for IT projects is to:
Correct Answer: A
Quantitative criteria are measurable and objective indicators that can be used to assess the costs, benefits, risks, and value of IT projects1. By using quantitative criteria, an enterprise can compare and prioritize different IT project proposals, justify and secure the required funding and resources, monitor and control the project progress and performance, and evaluate the actual outcomes and impacts of the project after implementation1. Quantitative criteria can also help to demonstrate the alignment of IT projects with the enterprise's strategic objectives and goals, and to communicate the value proposition of IT projects to the stakeholders1. The other options are not the primary reason for using quantitative criteria in developing business cases for IT projects, as they are either secondary or unrelated benefits. Benchmarking project success with similar enterprises may help to identify best practices and areas for improvement, but it is not the main purpose of using quantitative criteria. Learning lessons from errors made in past projects may help to avoid repeating mistakes and enhance project quality, but it is not the main purpose of using quantitative criteria. Applying other corporate standards to the development project may help to ensure consistency and compliance, but it is not the main purpose of using quantitative criteria.
Question 122
Which of the following MOST effectively prevents an IT system from becoming technologically obsolete before its planned return on investment (ROi)?
Correct Answer: D
Ensuring that the system is maintained in compliance with enterprise architecture (EA) standards is the most effective way to prevent an IT system from becoming technologically obsolete before its planned return on investment (ROI), because it ensures that the system is aligned with the current and future business needs, goals, and strategies of the organization. Enterprise architecture (EA) standards define the principles, guidelines, and best practices for designing, developing, and managing IT systems in a consistent, coherent, and integrated manner across the organization. By following EA standards, IT leaders can ensure that the system is compatible with the existing and emerging technologies, platforms, and frameworks that support the business processes and functions. EA standards also help IT leaders to monitor and evaluate the performance, quality, security, and reliability of the system, and to identify and address any gaps, issues, or risks that may affect its functionality or value. EA standards also facilitate the communication and collaboration among different stakeholders involved in the system lifecycle, such as business users, IT staff, vendors, and auditors. By maintaining the system in compliance with EA standards, IT leaders can ensure that the system delivers the expected benefits and value to the organization and achieves its planned ROI. References := ISO/IEC/IEEE 42020:2019(en), Software, systems and enterprise ? Architecture processes, Sample: Enterprise Architecture Standards - CIO Portal, Obsolescence management for IT leaders - Information Age
Question 123
Which of the following process groups is the most efficient at providing resources to the development of the procurement process?
Correct Answer: D
Question 124
Which of the following is necessary for effective risk management in IT governance?
Correct Answer: A
Effective risk management in IT governance requires that risk evaluation is embedded in the management processes of the organization. This means that risk evaluation is not a separate or isolated activity, but rather an integral part of the planning, execution, monitoring, and reporting of IT activities and initiatives. Embedding risk evaluation in the management processes can help: Identify and assess the potential threats and opportunities that may affect the achievement of IT and business objectives Align the IT risk appetite and tolerance with the enterprise risk appetite and tolerance Prioritize and allocate the resources and actions to address the risks based on their impact and likelihood Monitor and report the risk performance and outcomes in relation to the IT value drivers and benefits Embed the risk culture and awareness across the organization References: According to the CGEIT Review Manual 2022, "Risk evaluation should be embedded in management processes. Risk evaluation should be performed as part of planning, executing, monitoring and reporting activities."1 According to the ISACA article on Risk Management: A Driver for Value Creation2, "Risk management should be embedded into all business processes. It should be part of strategic planning, project management, change management, performance management, etc." According to the NIST article on Staging Cybersecurity Risks for Enterprise Risk Management and Governance3, "Embedding cybersecurity risk management into enterprise risk management (ERM) processes can help organizations better understand their cybersecurity risks, prioritize them based on their potential impact on business objectives, and allocate resources accordingly."
Question 125
Which of the following quadrant analysis identifies the key issues of anticipation of business needs, service levels over cost, and business enablement and facilitation (removal of obstacles)?
