Ch9 Governance Of The Information Systems Verified Test Bank

File: chapter9TextBank.docx, Chapter 9, Governance of the Information Systems Organization

Multiple Choice

1. Which of the following is an IT governance for ensuring that IT provides the systematic rigor needed for the strong internal controls and SoX compliance?

1. HIPPA
2. COBIT
3. SoX
4. ISACA
5. ISO

2. The Sarbanes-Oxley Act of 2002 was primarily aimed at which functional unit of a corporation?

1. Marketing
2. Production
3. Sales
4. IT
5. Finance

3. All of the following are frameworks for implementing Sarbanes-Oxley compliance EXCEPT:

1. COSO
2. BCP
3. COBIT
4. ITIL
5. ISO

4. All of the following are mechanisms that can be created to ensure good IT governance EXCEPT:

1. Policies
2. Review boards
3. Steering Committees
4. Consultants
5. IT Governance Council

5. After Intel faced strong shifts in technologies, such as cloud services, social networking, mobile devices, etc., Intel realized that it needed to establish better governance, creating:

1. Employee boards
2. Customer boards
3. Security committees
4. Information governance boards
5. Higher control framework

6. Which of the following is a balanced approach to managing a company’s IT organization?

1. Centralization
2. Decentralization
3. Federalism
4. Joint-Control
5. Business Centricity

7. In which type of organization management does IT control most of its IT infrastructure in one location?

1. Distributed IS organization
2. Decentralized IS organization
3. Federalism
4. Joint-Control IS organization
5. Centralized IS organization

8. Most companies would like to obtain the advantages derived from both centralized and decentralized organizational paradigms. What type of IT governance model would best help them to achieve this goal?

1. Distributed Control
2. Decentralized
3. Federalism
4. Joint-Control
5. Centralized

9. IT organizations implement powerful information systems like ERP and SCM that provide centralized data repositories. In addition, business units have tools for their particular units that individuals can use to report on and analyze collected data. This IT governance approach is best described as:

1. Distributed Control
2. Decentralized
3. Federalism
4. Joint-Control
5. Centralized

10. ________ of the 1960s dictated a centralized approach to IT governance.

1. Servers
2. Mainframes
3. Networks
4. PCs
5. The WWW

11. ________ of the 1980s allowed computing power to spread and gave rise to a decentralized approach to IT governance.

1. Servers
2. Mainframes
3. Networks
4. PCs
5. The WWW

12. ______________ organizations scatter IT components in different locations to address local business needs.

1. Distributed Control
2. Decentralized
3. Federalism
4. Joint-Control
5. Centralized

13. The IT Governance Council reports directly to the board of directors or the ________.

1. CIO
2. CTO
3. CEO
4. COO
5. CFO

14. IT governance has two major components: the assignment of decision-making authority and responsibility, and the:

1. cost considerations
2. decision rights
3. business plan
4. capability maturity model
5. decision-making mechanisms

15. The archetype that is represented by a group of business executives that might or might not include the CIO is:

1. IT monarchy
2. Feudal
3. Federal
4. Business monarchy
5. IT duopoly

16. The archetype that is represented by IT executives and one other group is:

1. IT monarchy
2. Feudal
3. Federal
4. Business monarchy
5. IT duopoly

17. IT decisions have been categorized by Peter Weill and Jeanne Ross and include all of the following EXCEPT:

1. IT principles
2. IT architecture
3. IT infrastructure
4. Business application needs
5. IT security

18. The decision about approval and justification of new technologies would fall into which one of the five major IT decision categories?

1. IT principles
2. IT architecture
3. IT infrastructure
4. Business application needs
5. IT investment and prioritization

19. The decisions that determine how IT assets are structured fall into which one of the five major IT decision categories?

1. IT principles
2. IT architecture
3. IT infrastructure
4. Business application needs
5. IT investment and prioritization

20. Which IT governance archetype consists of IT individuals or groups of IT executives?

1. Business monarchy
2. IT monarchy
3. Feudal
4. Federal
5. IT Duopoly

21. Which IT governance archetype consists of C-level executives and at least one other business group? An IT executive may be an additional participant.

1. Business monarchy
2. IT monarchy
3. Feudal
4. Federal
5. IT Duopoly

22. A steering committee works especially well with this particular IT governance archetype.

1. Business monarchy
2. IT monarchy
3. Feudal
4. Federal
5. IT Duopoly

23. The technology that makes up an organization’s digital ecosystem is its:

1. Digital platform
2. Internet of Things
3. Technology sponsor
4. IT consumerization
5. IT monarchy

24. The development of what technology allows for collecting and transmitting big data as well as allowing local processing to detect and solve problems on the spot?

1. Internet of Things
2. RFID
3. Edge computing
4. GPS
5. Cloud computing

25. Which of the following control frameworks encourages more collaboration and communication across the entire business, resulting in fewer silos?

1. COSO
2. Treadway Commission
3. KPI
4. ITIL
5. COBIT

True/False

26. A steering committee is geared only toward the highest level of the organization and reports directly to the board of directors or the CEO.

27. As a result of Sarbanes-Oxley, IT managers are now required to manage the level of controls needed to mitigate risk in business processes.

28. The global nature of business today makes complete centralization impossible.

29. IT plays a major role in ensuring the accuracy of financial data.

30. As a result of Sarbanes-Oxley Act, the CEO, CFO, and CIO must certify financial accounting records.

31. There were pressures for centralizing IT back when mainframes ruled, but today’s use of “consumerized” technologies have provided strong pressure, by IT people, for decentralization.

32. Federal IT provides for strong centralization, like the U.S. Federal Government.

33. Most digital ecosystems have developed platforms that are based on standards for data exchange and applications.

34. Gregory et al., argue that IT consumerization was developed to fit within traditional IT governance.

Short Answer

35. The was passed in 2002 in response to the rogue accounting activities of major global corporations such as Enron and WorldCom?

36. A is a committee that is formally designated to approve, monitor, and review specific topics that ensure IT governance.

37. is the act through which behavior is aligned with business goals through empowerment and monitoring.

38. The combinations of people to whom decision rights are allocated are classified by various IT governance ________.

39. The IT governance archetype consists only of business unit leaders, key process owners, or their delegates.

40. The is a highly specific measurement used to indicate whether business process goals are being met.

41. The term is used to describe the increasingly powerful tools available to consumers that are impacting corporations.

42. Another term used to describe digital platforms is .

Essay

43. Explain how federalism is able to capture the benefits of centralized and decentralized IT governance while eliminating the drawbacks of each.

44. Why is it recommended that the IT governance archetype for an organization’s information security strategy be business monarchy?

45. Explain the value steering committees offer the IT organization.

46. Define federalism as it pertains to organizational structures. How does it improve on the centralized model?

47. Explain the role the IT organization has in ensuring a company’s Sarbanes-Oxley compliance.

Matching

48. Review the description of 3 different IT organizations and map the organization’s design to the IT governance model it best represents.

49. Match the advantages below as either being associated with a centralized IT governance approach or a decentralized IT governance approach.

50. Match the disadvantages below as either being associated with a centralized IT governance approach or a decentralized IT governance approach.

51. Match the allocation of decision rights below with the IT governance archetype it represents.

52. Match the SoX compliance methodology with its description.

0. hing See page 252.-Oxley, age id about IT sre being met.olgy ifnratm to he companys strageis and objectives.