Explore all topics
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
search
ai logoChat with AI
Servicesarrow
Discoverarrow

Topics

Explore all topics
Discover more topics

Deck 8: Governance of the Information Systems Organization

Full screen (f)
exit full mode
Question
After its PlayStation Network service was compromised,Sony realized that it needed to establish better ____________ governance.

A) employee
B) customer
C) security
D) IT
E) data
Use Space or
up arrow
down arrow
to flip the card.
Question
This is an IT governance framework that is consistent with COSO controls.

A) HIPPA
B) COBIT
C) SoX
D) ISACA
E) ISO
Question
IT decisions have been categorized by Peter Weill and Jeanne Ross.These categories include all of the following EXCEPT:

A) IT principles
B) IT architecture
C) IT infrastructure
D) Business application needs
E) IT security
Question
The decision about approval and justification of new technologies would fall into which one of the five major IT decision categories?

A) IT principles
B) IT architecture
C) IT infrastructure
D) Business application needs
E) IT investment and prioritization
Question
________ of the 1980's allowed computing power to spread and gave rise to a decentralized approach to IT governance.

A) Servers
B) Mainframes
C) Networks
D) PCs
E) The WWW
Question
What is a steering committee at the highest level called?

A) Executive Steering Committee
B) IT Governance Council
C) Executive Council of IT
D) Systems Steering Council
E) Chief Steering Committee
Question
Most companies would like to obtain the advantages derived from both centralized and decentralized organizational paradigms. What type of IT governance model would best help them to achieve this goal?

A) Distributed Control
B) Decentralized
C) Federalism
D) Joint-Control
E) Centralized
Question
________ of the 1960's dictated a centralized approach to IT governance.

A) Servers
B) Mainframes
C) Networks
D) PCs
E) The WWW
Question
______________ organizations scatter IT components in different locations to address local business needs.

A) Distributed Control
B) Decentralized
C) Federalism
D) Joint-Control
E) Centralized
Question
This is a balanced approach to managing a company's IT organization.

A) Centralization
B) Decentralization
C) Federalism
D) Joint-Control
E) Business Centricity
Question
The Sarbanes-Oxley Act of 2002 was primarily aimed at which functional unit of a corporation?

A) Marketing
B) Production
C) Sales
D) IT
E) Finance
Question
The decisions that set the foundation for IT capabilities shared throughout an organization fall into which one of the five major IT decision categories?

A) IT principles
B) IT architecture
C) IT infrastructure
D) Business application needs
E) IT investment and prioritization
Question
All of the following are mechanisms that can be created to ensure good IT governance EXCEPT:

A) Policies
B) Review boards
C) Steering Committees
D) Consultants
E) IT Governance Council
Question
Which one of the following can be said about IT security policies?

A) IT security policies define the scope and overall expectation for the company's information security program.
B) IT security policies discourage standardization and integration.
C) IT security policies require an IT-only perspective.
D) IT security policies complicate the decision-making process.
E) IT security policies are loose to allow for many choices.
Question
IT governance has two major components: the assignment of decision-making authority and responsibility,and the __________________________.

A) cost considerations
B) decision rights
C) business plan
D) capability maturity model
E) decision-making mechanisms
Question
This type of organization management is where IT controls most of its IT infrastructure in one location.

A) Distributed IS organization
B) Decentralized IS organization
C) Federalism
D) Joint-Control IS organization
E) Centralized IS organization
Question
All of the following are frameworks for implementing Sarbanes-Oxley compliance EXCEPT:

A) COSO
B) BCP
C) COBIT
D) ITIL
E) Committee for Sponsoring Organization of the Treadway Commission
Question
The IT Governance Council reports directly to the board of directors or the ________.

A) CIO
B) CTO
C) CEO
D) COO
E) CFO
Question
IT organizations implement powerful information systems like ERP and SCM that provide centralized data repositories.In addition,IT organizations provide business units with tools that individuals can use to report on and analyze collected dat a.This IT governance approach is best described as: ________.

A) Distributed Control
B) Decentralized
C) Federalism
D) Joint-Control
E) Centralized
Question
Bob has been tasked with creating a plan to keep his company functioning in case of emergency. He needs to create which ONE of the following plans?

A) Security Policy
B) Emergency Preparedness Plan
C) Disaster Continuity Plan
D) Collateral Damage Plan
E) Business Continuity Plan
Question
IT plays a major role in ensuring the accuracy of financial dat
a.
Question
As a result of Sarbanes-Oxley,IT managers are now required to manage the level of controls needed to mitigate risk in business processes.
Question
The establishment of information security policies requires IT leaders to set security standards and business leaders to understand the implications for users and business processes.Therefore,the IT governance archetype recommended in this situation is which one of the following?

A) Business monarchy
B) IT monarchy
C) Feudal
D) Federal
E) IT Duopoly
Question
What act was passed in 2002 in response to the rogue accounting activities of major global corporations such as Enron,Worldcom and their accounting firm Arthur Andersen?
Question
A steering committee works especially well with this particular IT governance archetype.

A) Business monarchy
B) IT monarchy
C) Feudal
D) Federal
E) IT Duopoly
Question
A steering committee is geared only towards the highest level of the organization and reports directly to the board of directors or the CEO.
Question
Information security infrastructure decisions deal with technology selection and configuration.Therefore,the IT governance archetype recommended in this situation is which one of the following?

A) Business monarchy
B) IT monarchy
C) Feudal
D) Federal
E) IT Duopoly
Question
The US Army is embracing BYOD by launching a program to ensure soldiers have the appropriate decision rights to select his/her computing device.
Question
This IT governance archetype consists only of business unit leaders,key process owners,or their delegates.
Question
This IT governance archetype consists of IT individuals or groups of IT executives.

A) Business monarchy
B) IT monarchy
C) Feudal
D) Federal
E) IT Duopoly
Question
As a result of Sarbanes-Oxley Act,the CEO,CFO and CIO must certify financial accounting records.
Question
This IT governance archetype consists of C-level executives and at least one other business group.An IT executive may be an additional participant.

A) Business monarchy
B) IT monarchy
C) Feudal
D) Federal
E) IT Duopoly
Question
Security strategy is not a technical decision.
Question
This is the act through which behavior is aligned with business goals through empowerment and monitoring.
Question
Business continuity planning must be designed to respond to its biggest threat,which is disgruntled or dishonest employees.
Question
The global nature of business today makes complete centralization impossible.
Question
This is a highly specific measurement used to indicate whether business process goalsare being met.
Question
This term is used to describe the increasingly powerful tools available to consumers that are impacting corporations.
Question
This is a committee that is formally designated to approve,monitor and review specific topics that ensure IT governance.
Question
The combinations of people to whom decision rights are allocated are classified by various IT governance ________.
Question
Why is it recommended that the IT governance archetype for an organization's information security strategy be business monarch?
Question
Explain the role the IT organization has in ensuring a company's Sarbanes-Oxley compliance.
Question
Define federalism as it pertains to organizational structures. How does it improve on the centralized model?
Question
Review the description of 3 different IT organizations and map the organization's design to the IT governance model it best represents.
Review the description of 3 different IT organizations and map the organization's design to the IT governance model it best represents. <div style=padding-top: 35px>
Question
Match the advantages below as either being associated with a centralized IT governance approach or a decentralized IT governance approach.
Match the advantages below as either being associated with a centralized IT governance approach or a decentralized IT governance approach. <div style=padding-top: 35px>
Question
Match the disadvantages below as either being associated with a centralized IT governance approach or a decentralized IT governance approach.
Match the disadvantages below as either being associated with a centralized IT governance approach or a decentralized IT governance approach. <div style=padding-top: 35px>
Question
Explain the value steering committees offer the IT organization.
Question
Match the allocation of decision rights below with the IT governance archetype it represents.
Match the allocation of decision rights below with the IT governance archetype it represents. <div style=padding-top: 35px>
Question
Detail the 3 stages of business continuity planning.
Matching
Question
Match the SoX compliance methodology with its description.
Match the SoX compliance methodology with its description. <div style=padding-top: 35px>
Question
Match the organization with the IT governance approach it has chosen.
Match the organization with the IT governance approach it has chosen. <div style=padding-top: 35px>
Question
Explain how federalism is able to capture the benefits of centralized and decentralized IT governance while eliminating the drawbacks of each.
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/52
auto play flashcards
Play
simple tutorial
Full screen (f)
exit full mode
Deck 8: Governance of the Information Systems Organization
1
After its PlayStation Network service was compromised,Sony realized that it needed to establish better ____________ governance.

A) employee
B) customer
C) security
D) IT
E) data
C
2
This is an IT governance framework that is consistent with COSO controls.

A) HIPPA
B) COBIT
C) SoX
D) ISACA
E) ISO
B
3
IT decisions have been categorized by Peter Weill and Jeanne Ross.These categories include all of the following EXCEPT:

A) IT principles
B) IT architecture
C) IT infrastructure
D) Business application needs
E) IT security
E
4
The decision about approval and justification of new technologies would fall into which one of the five major IT decision categories?

A) IT principles
B) IT architecture
C) IT infrastructure
D) Business application needs
E) IT investment and prioritization
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
5
________ of the 1980's allowed computing power to spread and gave rise to a decentralized approach to IT governance.

A) Servers
B) Mainframes
C) Networks
D) PCs
E) The WWW
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
6
What is a steering committee at the highest level called?

A) Executive Steering Committee
B) IT Governance Council
C) Executive Council of IT
D) Systems Steering Council
E) Chief Steering Committee
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
7
Most companies would like to obtain the advantages derived from both centralized and decentralized organizational paradigms. What type of IT governance model would best help them to achieve this goal?

A) Distributed Control
B) Decentralized
C) Federalism
D) Joint-Control
E) Centralized
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
8
________ of the 1960's dictated a centralized approach to IT governance.

A) Servers
B) Mainframes
C) Networks
D) PCs
E) The WWW
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
9
______________ organizations scatter IT components in different locations to address local business needs.

A) Distributed Control
B) Decentralized
C) Federalism
D) Joint-Control
E) Centralized
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
10
This is a balanced approach to managing a company's IT organization.

A) Centralization
B) Decentralization
C) Federalism
D) Joint-Control
E) Business Centricity
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
11
The Sarbanes-Oxley Act of 2002 was primarily aimed at which functional unit of a corporation?

A) Marketing
B) Production
C) Sales
D) IT
E) Finance
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
12
The decisions that set the foundation for IT capabilities shared throughout an organization fall into which one of the five major IT decision categories?

A) IT principles
B) IT architecture
C) IT infrastructure
D) Business application needs
E) IT investment and prioritization
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
13
All of the following are mechanisms that can be created to ensure good IT governance EXCEPT:

A) Policies
B) Review boards
C) Steering Committees
D) Consultants
E) IT Governance Council
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
14
Which one of the following can be said about IT security policies?

A) IT security policies define the scope and overall expectation for the company's information security program.
B) IT security policies discourage standardization and integration.
C) IT security policies require an IT-only perspective.
D) IT security policies complicate the decision-making process.
E) IT security policies are loose to allow for many choices.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
15
IT governance has two major components: the assignment of decision-making authority and responsibility,and the __________________________.

A) cost considerations
B) decision rights
C) business plan
D) capability maturity model
E) decision-making mechanisms
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
16
This type of organization management is where IT controls most of its IT infrastructure in one location.

A) Distributed IS organization
B) Decentralized IS organization
C) Federalism
D) Joint-Control IS organization
E) Centralized IS organization
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
17
All of the following are frameworks for implementing Sarbanes-Oxley compliance EXCEPT:

A) COSO
B) BCP
C) COBIT
D) ITIL
E) Committee for Sponsoring Organization of the Treadway Commission
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
18
The IT Governance Council reports directly to the board of directors or the ________.

A) CIO
B) CTO
C) CEO
D) COO
E) CFO
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
19
IT organizations implement powerful information systems like ERP and SCM that provide centralized data repositories.In addition,IT organizations provide business units with tools that individuals can use to report on and analyze collected dat a.This IT governance approach is best described as: ________.

A) Distributed Control
B) Decentralized
C) Federalism
D) Joint-Control
E) Centralized
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
20
Bob has been tasked with creating a plan to keep his company functioning in case of emergency. He needs to create which ONE of the following plans?

A) Security Policy
B) Emergency Preparedness Plan
C) Disaster Continuity Plan
D) Collateral Damage Plan
E) Business Continuity Plan
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
21
IT plays a major role in ensuring the accuracy of financial dat
a.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
22
As a result of Sarbanes-Oxley,IT managers are now required to manage the level of controls needed to mitigate risk in business processes.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
23
The establishment of information security policies requires IT leaders to set security standards and business leaders to understand the implications for users and business processes.Therefore,the IT governance archetype recommended in this situation is which one of the following?

A) Business monarchy
B) IT monarchy
C) Feudal
D) Federal
E) IT Duopoly
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
24
What act was passed in 2002 in response to the rogue accounting activities of major global corporations such as Enron,Worldcom and their accounting firm Arthur Andersen?
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
25
A steering committee works especially well with this particular IT governance archetype.

A) Business monarchy
B) IT monarchy
C) Feudal
D) Federal
E) IT Duopoly
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
26
A steering committee is geared only towards the highest level of the organization and reports directly to the board of directors or the CEO.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
27
Information security infrastructure decisions deal with technology selection and configuration.Therefore,the IT governance archetype recommended in this situation is which one of the following?

A) Business monarchy
B) IT monarchy
C) Feudal
D) Federal
E) IT Duopoly
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
28
The US Army is embracing BYOD by launching a program to ensure soldiers have the appropriate decision rights to select his/her computing device.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
29
This IT governance archetype consists only of business unit leaders,key process owners,or their delegates.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
30
This IT governance archetype consists of IT individuals or groups of IT executives.

A) Business monarchy
B) IT monarchy
C) Feudal
D) Federal
E) IT Duopoly
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
31
As a result of Sarbanes-Oxley Act,the CEO,CFO and CIO must certify financial accounting records.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
32
This IT governance archetype consists of C-level executives and at least one other business group.An IT executive may be an additional participant.

A) Business monarchy
B) IT monarchy
C) Feudal
D) Federal
E) IT Duopoly
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
33
Security strategy is not a technical decision.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
34
This is the act through which behavior is aligned with business goals through empowerment and monitoring.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
35
Business continuity planning must be designed to respond to its biggest threat,which is disgruntled or dishonest employees.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
36
The global nature of business today makes complete centralization impossible.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
37
This is a highly specific measurement used to indicate whether business process goalsare being met.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
38
This term is used to describe the increasingly powerful tools available to consumers that are impacting corporations.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
39
This is a committee that is formally designated to approve,monitor and review specific topics that ensure IT governance.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
40
The combinations of people to whom decision rights are allocated are classified by various IT governance ________.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
41
Why is it recommended that the IT governance archetype for an organization's information security strategy be business monarch?
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
42
Explain the role the IT organization has in ensuring a company's Sarbanes-Oxley compliance.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
43
Define federalism as it pertains to organizational structures. How does it improve on the centralized model?
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
44
Review the description of 3 different IT organizations and map the organization's design to the IT governance model it best represents.
Review the description of 3 different IT organizations and map the organization's design to the IT governance model it best represents.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
45
Match the advantages below as either being associated with a centralized IT governance approach or a decentralized IT governance approach.
Match the advantages below as either being associated with a centralized IT governance approach or a decentralized IT governance approach.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
46
Match the disadvantages below as either being associated with a centralized IT governance approach or a decentralized IT governance approach.
Match the disadvantages below as either being associated with a centralized IT governance approach or a decentralized IT governance approach.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
47
Explain the value steering committees offer the IT organization.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
48
Match the allocation of decision rights below with the IT governance archetype it represents.
Match the allocation of decision rights below with the IT governance archetype it represents.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
49
Detail the 3 stages of business continuity planning.
Matching
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
50
Match the SoX compliance methodology with its description.
Match the SoX compliance methodology with its description.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
51
Match the organization with the IT governance approach it has chosen.
Match the organization with the IT governance approach it has chosen.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
52
Explain how federalism is able to capture the benefits of centralized and decentralized IT governance while eliminating the drawbacks of each.
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Unlock Deck
k this deck
locked card icon
Unlock Deck
Unlock for access to all 52 flashcards in this deck.
Examlex
Examlex
Work With Us
Policies
Download the App
Scan to downloadDownload the App
qr-code
Links
Links
Work With Us
Download the App

Scan to downloadDownload the App
qr-code

Copyright © 2025 Examlex LLC.
  • facebook-footer
  • instagram-footer
  • x-footer
  • tiktok
  • Linktree