Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
exam questions

Exam OG0-092 All Questions

View all questions & answers for the OG0-092 exam

Exam OG0-092 topic 1 question 3 discussion

Actual exam question from The Open Group's OG0-092
Question #: 3
Topic #: 1
[All OG0-092 Questions]

Scenario: AGEX Inc.
AGEX is a large, global commodities trading company which has been growing rapidly through a series of acquisitions.
Each new business is performing well in its markets. However, the lack of integration between headquarters and the business units has increasingly caused problems in the handling of customer and financial information. The inability to share information across businesses has resulted in lost opportunities to "leverage the synergies" that had been intended when the businesses were acquired. At present, each business unit maintains its own applications. Despite an earlier initiative to install a common application to manage customer, products, supplier, and inventory information, each business unit has different ways of defining each of these core elements and has customized the common application to the point where the ability to exchange information is difficult, costly, and error-prone.
As a result, AGEX has begun implementing a single Enterprise Resource Planning (ERP) system to consolidate information from several applications that exist across the lines of business. The Corporate Board is concerned that the new ERP system must be able to manage and safeguard customer information in a manner that meets or exceeds the legal requirements of the countries in which the company operates. This will be an increasingly important capability as the company expands its online services offered to clients and trading partners.
The CIO has formed an Enterprise Architecture department, and one of the primary goals in its charter is to coordinate efforts between the ERP implementation team and the business unit personnel who will be involved in the migration process. The CIO has also formed a cross-functional Architecture Review Board to oversee and govern the architecture.
After reviewing the available alternatives, and based on recommendations from the ERP vendor, AGEX has selected TOGAF 9 as the basis for its Enterprise
Architecture program.
The CIO has endorsed this choice with the full support of top management.
You are serving as the Chief Architect.
You have been asked to recommend the approach to take in the Preliminary Phase to ensure that the Corporate Board's concern is addressed.
Based on TOGAF 9, which of the following is the best answer?

  • A. You evaluate the implications of the Board's concern in terms of regulatory and security policy requirements. You then update the AGEX security policy to reflect the concern, ensuring that this policy is communicated across the organization. You allocate a security architecture team to ensure that security considerations are included in ongoing architecture planning. You then assess the security implications and agreements within the AGEX businesses and their suppliers.
  • B. You evaluate the implications of the Board's concern in terms of regulatory requirements and their impact on business goals and objectives. Based on this understanding, you then issue a Request for Architecture Work to commence an architecture development project to develop a solution that will address the Board's concern. You allocate a security architect to oversee the implementation of the solution in the ERP system that is being developed.
  • C. You start by clarifying the intent that the Board has for raising this concern. This enables you to understand the implications of the concern in terms of regulatory requirements and the potential impact on current business goals and objectives. You propose that a security architect or security architecture team be allocated to develop comprehensive security architecture.
  • D. You evaluate the implications of the Board's concern by examining the potential impacts on business goals and objectives. Based on your understanding, you then update the current AGEX security policy to include an emphasis on the Board's concern. In addition, you allocate a security architect to ensure that security considerations are included in the architecture planning for all domains.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
sudhimenon
Highly Voted 4 years ago
Business goals and objectives comes in Phase - A, A should be the right answer.
upvoted 11 times
rbaggio
3 years, 10 months ago
Since when does an Enterprise Architect update a security policy?
upvoted 4 times
ADR_SA_21
3 years, 3 months ago
Principle 9: Protection of Intellectual Property
upvoted 3 times
...
...
...
venksfc
Highly Voted 4 years, 1 month ago
C seems correct to me. It is given as answer in another portal too.
upvoted 10 times
...
prabhara
Most Recent 1 month, 4 weeks ago
A is correct statement.
upvoted 1 times
...
EsoEso
11 months ago
Selected Answer: A
A is the best answer refer to: https://pubs.opengroup.org/architecture/togaf91-doc/arch/chap21.html#tag_21 Section: 21.5 Preliminary Phase
upvoted 1 times
...
HN6366
11 months ago
C is the correct answer.
upvoted 1 times
...
crimemasternogo
1 year, 2 months ago
This is what I found: "The security policy should be examined to find relevant sections, and "updated" if necessary. Architecture constraints established in the "security policy must be communicated to the other members of the architecture team"." So, the answer A makes sense.
upvoted 2 times
...
th_mel
1 year, 4 months ago
ChatGPT says: A Bard AI says: C
upvoted 1 times
...
modsjunk
1 year, 4 months ago
Selected Answer: C
A and D are out B is out because of this line You allocate a security architect to oversee the implementation of the solution in the ERP system that is being developed. you don't ask security architect to oversee the implementation of the solution in the ERP system
upvoted 4 times
...
MackD
1 year, 4 months ago
Anwser C. In my opinion: A: Chief Architect is not responsible for updating a security policy. B: Request for Architecture Work is not issued by an Chief Architect. C: This is the only one that makes sense. D: As mentioned before "based on your understanding". https://pubs.opengroup.org/architecture/togaf9-doc/arch/chap46.html
upvoted 2 times
HN6366
1 year, 4 months ago
Agreed, C is the best option here.
upvoted 1 times
...
...
PratsMic
1 year, 5 months ago
A coz its about communication across the Org too ( that other options lacked)
upvoted 2 times
...
red_panda
1 year, 6 months ago
Selected Answer: C
I think that the correct answer is the C because the Chief Architect don't allocate the resources.
upvoted 1 times
...
RACHIT0412
1 year, 6 months ago
Chatgpt says A
upvoted 1 times
PratsMic
1 year, 5 months ago
Chatgpt just look at the answer provided here and cert library to get to the conclusion ...
upvoted 1 times
el3ctronick
9 months ago
If you noticed, there is no clear answer here. we are all looking for the correct one and we all see gaps in every possible answer. have you managed to find the right one? please explain if it is that clear to you. thanks!
upvoted 1 times
...
...
...
miche_s87
1 year, 6 months ago
Selected Answer: C
see my comment below.
upvoted 1 times
...
saurabhparveen
1 year, 7 months ago
I will go with A, security policy is updated in preliminary phase https://pubs.opengroup.org/architecture/togaf91-doc/arch/chap21.html Also,as per step3 ■ Allocate key roles and responsibilities for Enterprise Architecture Capability management and governance
upvoted 1 times
...
JKLExTop
1 year, 8 months ago
Selected Answer: C
The EA doesn't - Update the AGEX security policy to reflect the concern - Assess the security And it's too early in the preliminary phase to update any policy Therefore, C is the correct answer
upvoted 1 times
...
mesterit
1 year, 9 months ago
Selected Answer: B
B is correct - You then update the Global Traders security policy to reflect the concern,... You allocate a security architecture team - Ent. Arch would just propose don't change or allocate ... therefore seems A is incorrect. - Request for Architecture Work is not raised by Ent. Arch. - therefore seems C incorrect. - You can't just change a security policy on your understanding. therefore seems D is incorrect. - And the Request for Architecture Work is issued by the sponsor - The question asks for "Recommendations", but other answers are simply taking some actions which are not even in the scope of the Chief Architect.
upvoted 3 times
93madox
1 year, 8 months ago
B says that Security Architect should oversee the implementation. Standard says Architecture Board does oversee the implementation. I think it is C
upvoted 2 times
...
miche_s87
1 year, 6 months ago
I don't agree since the "Request for Architecture Work" are sent from the sponsoring organization to the architecture organization (32.2.17 Request for Architecture Work). In answer B it says that you (as an EA) sents the Request for Architects. I go for C as well.
upvoted 2 times
...
...
Qman2022
1 year, 10 months ago
Architecture team do not allocate resource we propose/recommend that takes A and D out. Now between B and C, Architecture team do not issue Request for architecture. this strike out B. This is done mostly in phase H to activate a change request since we are in preliminary phase. Hence we are left we C that is correct answer.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...