key principles and methods

1. The management of an IT service provider believes that while their staff are well trained, enthusiastic, and cooperative, their work often puts them in conflict with each other. The management team believe this is because staff performance measurement is not aligned with the organization's strategy.

Which is the BEST approach to resolve this situation?
A. Communicate the organization's strategic plan to stakeholders through multiple communication channels
B. Involve all IT teams in developing an 'organizational change management' plan
C. Develop a cascaded set of objectives for each tier of the IT department
D. Develop and distribute a RACI chart for the various IT teams
C    (2.1a)
2. A commercial service provider is creating a new strategic plan. It has developed the following tactics and operational plans:
Tactic 1 - acquire new resilient infrastructure
Tactic 2 - launch services by region
Operational plan 1 - operate infrastructure to meet service levels
Operational plan 2 - train staff on new infrastructure skills

Which strategy do these tactics and operational plans support?
A. Ensuring the improved handling of service requests by training staff
B. Identifying customer needs for new services by researching the market
C. Increasing revenue by introducing a new range of services
D. Ensuring successful deployment by preparing an implementation plan for new services
C    (2.1a)
3. A service provider has developed a strategy to increase its revenue by launching a new cloud storage service. This strategy is being cascaded down to the technical teams.

Which is a relevant objective that will support the strategy?
A. Average number of storage access failures per month
B. Increase profit by launching new wi-fi services into new geographic markets
C. Achieve a 10% increase in service requests fulfilled in the target time
D. Design and implement new infrastructure by the end of quarter 2
D    (2.1a)
4. An organization has IT divisions distributed globally. As the organization has grown, it has become difficult to align the activities of the IT divisions with the organization's objectives.

How can the organization ensure that all IT activities are aligned with the organization's objectives?
A. Put compliance controls in place to ensure that all centres of expertise are following the same practices
B. Prioritize risk mitigation strategies in alignment with the organization's risk appetite
C. Establish increasingly detailed objectives at each level of the organization that align directly with the objectives of the layer above
D. Collect feedback from both organizational and IT leadership from each region
C    (2.1a)
5. A network security engineer is defining the controls needed to protect firewalls.

What is the FIRST thing they should do to determine the correct controls?
A. Review existing firewall rules and controls to ensure that there has been no deterioration
B. Review the risk register to ensure that all risks are being managed
C. Contact the firewall vendor to identify commonly used controls for this technology
D. Identify the organization's objectives that the controls need to support
D    (2.1b)
6. A government agency is struggling to modernize its business processes to meet emerging demand for digital services. The culture is strongly driven by policies, and internal users complain that it can take days or weeks for even simple IT requests.

Which is the BEST approach to reduce strict conformance to policy and procedure, and allow IT staff some flexibility in achieving better business outcomes?
A. Develop a training program to help staff understand the current policies, and emphasize the consequences of not complying with the policies
B. Develop a set of guidelines that provide recommended practices, and communicate that achieving the results while not openly violating policy is the primary goal
C. Informally communicate to IT staff that they do not need to conform to the policies that would cause delays
D. Adopt a more flexible culture, eliminate policies, and empower staff to make independent decisions quickly
B    (2.1b)
7. An organization offers telephone support to users. It has recently introduced a self-service system for user support. At the same time, the organization introduced a policy which states that any incidents logged using the telephone will not be given a high priority. Some groups of users, such as business developers who travel, cannot access the self-service system, and have complained that they are not receiving good service.

What is the BEST way to resolve this situation?
A. Ensure that groups of users such as business developers are given extra training on how to use the new system
B. Establish a governance, risk and compliance function to align the work of the service desk function with the organization's governing body
C. Introduce policy exceptions for users who have roles which lead to difficulty in accessing systems
D. Assign a high priority to all incidents logged by business developers, to ensure that they are not disadvantaged
C    (2.1b)
8. An organization is creating a policy for logging and managing a wide variety of incidents. The organization operates in a highly regulated environment; it is essential that the policy is adhered to and that deviations are considered unacceptable.

Which TWO are the BEST guidance to follow when creating the policy?

1. Ensure that the policy is as flexible as possible to allow staff to make decisions freely.
2. Ensure that the policy is as clear and concise as possible stating why it is necessary.
3. Ensure that the consequences of non-compliance are clearly stated.
4. Ensure that the process is automated in order to minimize the controls included in the policy.
A. 1 and 2
B. 2 and 3
C. 3 and 4
D. 1 and 4
B    (2.1b)
9. An organization's board of directors has become aware that major IT initiatives were recently completed that did not address significant organizational risks. This raised concerns about organizational decision-making. The CIO has been asked to review who makes key IT decisions, and how these decisions are being made.

Which is the BEST approach to address these concerns about decision-making authority?
A. Establish a decision-making framework that assigns all non-operational decisions to the executive level, ensuring full transparency for decision-making
B. Conduct an assessment of staff's decision-making skills, then use the results to identify key skills gaps and begin a training programme to improve organizational decision-making
C. Establish a risk-based approach to define the key roles and stakeholder groups involved in various types of initiatives, which would help to delegate decision-making to the right levels
D. Establish open lines of communication between IT decision-makers and executives about decisions being made, which would help each level understand who is making what decisions
C    (2.1c)
10. An organization in a highly-regulated industry is considering adopting agile practices. The management team is concerned with maintaining compliance to regulatory requirements while empowering teams at every level to make key decisions.

Which approach would MOST LIKELY help the company overcome this challenge?
A. Establish an operating model for teams and individuals to understand their scope of control, and the types of decisions they can make
B. Map strategic objectives to operational metrics, so that all teams understand how their work impacts the organization's compliance to regulatory requirements
C. Review and update operational policy documents to make reference to agile practices, and initiate a training programme to highlight the benefits of these practices
D. Assess how competitors approach decision-making, and create a business case that highlights the return on investment from agile practices
A    (2.1c)
11. An organization is looking for a way to optimize decision-making in order to increase performance and keep risks under control.

Which solution would support these objectives?
A. Ensure that all decisions are made by a small group of high-ranking authorities
B. Delegate as much management decision-making as possible
C. Delegate governance decision-making to the operational teams
D. Ensure a higher level of structure for low-risk decision-making
B    (2.1c)
12. A growing IT department requires all decisions to be made by IT executives. The CIO is aware that it takes too much time to make decisions at that level, and it would be more effective to delegate decision-making to staff closest to the work.

Which is the BEST approach for delegating more decisions to staff?
A. Establish financial authorization limits for all staff, so staff are authorized to make decisions within their financial limits
B. Delegate decisions to the most available person at the time a decision is needed, to avoid delays
C. Develop a value stream map for making decisions, and use 'continual improvement' to eliminate waste in the process
D. Delegate low-risk decisions to lower levels in the organization, keep governance and high-risk changes with the IT executive team
D    (2.1c)
13. A service desk team is consistently receiving poor customer feedback that highlights a slow and ineffective service.

Which is the BEST way to carry out an assessment that focuses on an appropriate scope and discovers what is contributing to the poor service?
A. The assessment should focus on incidents handled by the service desk team
B. The assessment should focus on the overall service desk team
C. The assessment should focus on the service management practices of the whole IT department
D. The assessment should focus on the wider enterprise
A    (2.2d)