- Information
- AI Chat
C9 - IS 677 Quiz chapter - 9 with Solutions
Information System Princ (IS 677)
New Jersey Institute of Technology
Recommended for you
Related Studylists
CIDM 6310Preview text
File: chapter9TextBank, Chapter 9, Governance of the Information Systems Organization
Multiple Choice
- This is an IT governance framework that is consistent with COSO controls. a) HIPPA b) COBIT c) SoX d) ISACA e) ISO
Ans: b (Medium) Response: See page 202
- The Sarbanes-Oxley Act of 2002 was primarily aimed at which functional unit of a corporation? a) Marketing b) Production c) Sales d) IT e) Finance
Ans: e (Medium) Response: See pages 200-
- All of the following are frameworks for implementing Sarbanes-Oxley compliance EXCEPT: a) COSO b) BCP c) COBIT d) ITIL e) Committee for Sponsoring Organization of the Treadway Commission
Ans: b (Medium) Response: See page 201-
- All of the following are mechanisms that can be created to ensure good IT governance EXCEPT:
a) Policies b) Review boards c) Steering Committees d) Consultants e) IT Governance Council
Ans: d (Medium) Response: See page 195
- After Intel faced strong shifts in technologies, such as cloud services, social networking, mobile devices, etc., Intel realized that it needed to establish better governance, creating a _______________. a) Employee boards b) Customer boards c) Security committees d) Information governance boards e) Higher control framework
Ans: d (Medium) Response: See page 192
- This is a balanced approach to managing a company’s IT organization. a) Centralization b) Decentralization c) Federalism d) Joint-Control e) Business Centricity
Ans: c (Medium) Response: See page 193
- This type of organization management is where IT controls most of its IT infrastructure in one location. a) Distributed IS organization b) Decentralized IS organization c) Federalism d) Joint-Control IS organization e) Centralized IS organization
Ans: e (Easy) Response: See page 193
Ans: d (Medium) Response: See page 193
- ______________ organizations scatter IT components in different locations to address local business needs. a) Distributed Control b) Decentralized c) Federalism d) Joint-Control e) Centralized
Ans: b (Medium) Response: See page 193
- The IT Governance Council reports directly to the board of directors or the ________. a) CIO b) CTO c) CEO d) COO e) CFO
Ans: c (Medium) Response: See page 199
- IT governance has two major components: the assignment of decision-making authority and responsibility, and the __________________________. a) cost considerations b) decision rights c) business plan d) capability maturity model e) decision-making mechanisms
Ans: e (Hard) Response: See page 199
- The archetype that is represented by a group of business executives that might or might not include the CIO is: a) IT monarchy b) Feudal c) Federal d) Business monarchy
e) IT duopoly
Ans: d (Medium) Response: See page 197
- The archetype that is represented by IT executives and one other group is: a) IT monarchy b) Feudal c) Federal d) Business monarchy e) IT duopoly
Ans: e (Medium) Response: See page 197
- IT decisions have been categorized by Peter Weill and Jeanne Ross. These categories include all of the following EXCEPT: a) IT principles b) IT architecture c) IT infrastructure d) Business application needs e) IT security
Ans: e (Hard) Response: See page 195
- The decision about approval and justification of new technologies would fall into which one of the five major IT decision categories? a) IT principles b) IT architecture c) IT infrastructure d) Business application needs e) IT investment and prioritization
Ans: e (Hard) Response: See page 196
- The decisions that determine how IT assets are structured fall into which one of the five major IT decision categories? a) IT principles b) IT architecture
True/False
- A steering committee is geared only towards the highest level of the organization and reports directly to the board of directors or the CEO.
Ans: False (Medium) Response: See page 199
- As a result of Sarbanes-Oxley, IT managers are now required to manage the level of controls needed to mitigate risk in business processes.
Ans: True (Medium) Response: See pages 200-
- The global nature of business today makes complete centralization impossible.
Ans: True (Medium) Response: See page 193
- IT plays a major role in ensuring the accuracy of financial data.
Ans: True (Medium) Response: See pages 200-
- As a result of Sarbanes-Oxley Act, the CEO, CFO and CIO must certify financial accounting records.
Ans: False (Medium) Response: See page 200
- There were pressures for centralizing IT back when mainframes ruled, but today’s use of “consumerized” technologies have provided strong pressure, by IT people, for decentralization.
Ans: False (Medium) Response: See pages 191-
- Federal IT provides for strong centralization, like the U. Federal Government.
Ans: False (Medium) Response: See page 195
Short Answer
- What act was passed in 2002 in response to the rogue accounting activities of major global corporations such as Enron, Worldcom and their accounting firm Arthur Andersen?
Ans: Sarbanes-Oxley Act (SoX) Response: See page 193
- This is a committee that is formally designated to approve, monitor and review specific topics that ensure IT governance.
Ans: review board Response: See page 199
- This is the act through which behavior is aligned with business goals through empowerment and monitoring.
Ans: Governance Response: See page 192
- The combinations of people to whom decision rights are allocated are classified by various IT governance ________.
Ans: archetypes Response: See pages 195-
- This IT governance archetype consists only of business unit leaders, key process owners, or their delegates.
Ans: Feudal
- Review the description of 3 different IT organizations and map the organization's design to the IT governance model it best represents.
Federalism Strong IT vision and leadership; business units have ownership Decentralized Flexible IT; lacks synergy and integration Centralized Highly structured IT; does not meet the needs of all business units
- Match the advantages below as either being associated with a centralized IT governance approach or a decentralized IT governance approach.
Centralized Global standards and common data Centralized Economies of scale Centralized Better control of security and databases Decentralized Technology customized to local business needs Decentralized Greater flexibility Decentralized Closer relationship between IT and business units
- Match the disadvantages below as either being associated with a centralized IT governance approach or a decentralized IT governance approach.
Centralized Technology may not meet the needs of the business units Centralized Poor relations between the business units and the IT organization Centralized Slow support for strategic initiatives Decentralized Duplication of staff and data Decentralized Higher infrastructure costs Decentralized Difficulty negotiating preferential supplier agreements
- Match the organization with the IT governance approach it has chosen.
Centralized UPS and its standardized IT environment Decentralized FedEx and its focus on localized innovation Decentralized VeriFone and its globally distributed employees Federalism Home Depot and its hybrid approach to governance
Centralized Zara and its technology-supported structure that coordinates all actions
- Match the allocation of decision rights below with the IT governance archetype it represents.
Business monarchy The CEO, COO and CFO decide to expand the SCM information system to support manufacturing’s growth in China. IT monarchy The CIO and the data center manager decide to outsource server maintenance. Feudal The Marketing department decides to implement a new social business strategy. Federal The CFO, CEO and CIO focus energies to ensure SoX compliance globally. IT Duopoly IT works the Sales department to roll out a new social networking marketplace.
- Match the SoX compliance methodology with its description.
COBIT An IT governance framework that links IT processes, IT resources, and information to the company’s strategies and objectives. COSO A non-IT specific control framework for managers and auditors to use to mitigate risk. ITIL A globally adopted set of concepts and techniques for maintaining information technology infrastructure, development, and operations.
C9 - IS 677 Quiz chapter - 9 with Solutions
Course: Information System Princ (IS 677)
University: New Jersey Institute of Technology
This is a preview
Access to all documents
Get Unlimited Downloads
Improve your grades
