OG0-092 Exam QuestionsBrowse all questions from this exam
Go to Exam

OG0-092 Exam - Question 3

Scenario: AGEX Inc.

AGEX is a large, global commodities trading company which has been growing rapidly through a series of acquisitions.

Each new business is performing well in its markets. However, the lack of integration between headquarters and the business units has increasingly caused problems in the handling of customer and financial information. The inability to share information across businesses has resulted in lost opportunities to "leverage the synergies" that had been intended when the businesses were acquired. At present, each business unit maintains its own applications. Despite an earlier initiative to install a common application to manage customer, products, supplier, and inventory information, each business unit has different ways of defining each of these core elements and has customized the common application to the point where the ability to exchange information is difficult, costly, and error-prone.

As a result, AGEX has begun implementing a single Enterprise Resource Planning (ERP) system to consolidate information from several applications that exist across the lines of business. The Corporate Board is concerned that the new ERP system must be able to manage and safeguard customer information in a manner that meets or exceeds the legal requirements of the countries in which the company operates. This will be an increasingly important capability as the company expands its online services offered to clients and trading partners.

The CIO has formed an Enterprise Architecture department, and one of the primary goals in its charter is to coordinate efforts between the ERP implementation team and the business unit personnel who will be involved in the migration process. The CIO has also formed a cross-functional Architecture Review Board to oversee and govern the architecture.

After reviewing the available alternatives, and based on recommendations from the ERP vendor, AGEX has selected TOGAF 9 as the basis for its Enterprise

Architecture program.

The CIO has endorsed this choice with the full support of top management.

You are serving as the Chief Architect.

You have been asked to recommend the approach to take in the Preliminary Phase to ensure that the Corporate Board's concern is addressed.

Based on TOGAF 9, which of the following is the best answer?

Show Answer
Correct Answer: C

In the Preliminary Phase of TOGAF 9, it is essential to understand the specific concerns of the Corporate Board and to comprehend their implications for regulatory requirements and business objectives. Clarifying the Board's intent helps identify the potential impacts and ensures that the architecture responds effectively to those concerns. Allocating a security architect or team to develop a comprehensive security architecture addresses the need to manage and safeguard customer information in compliance with legal requirements. This approach ensures a thorough understanding and appropriate action to meet the Board's concerns, which is a fundamental step before proceeding with any architectural development. This makes option C the best answer.

Discussion

17 comments
Sign in to comment
sudhimenonOption: A
Nov 12, 2020

Business goals and objectives comes in Phase - A, A should be the right answer.

rbaggio
Jan 28, 2021

Since when does an Enterprise Architect update a security policy?

ADR_SA_21
Aug 20, 2021

Principle 9: Protection of Intellectual Property

venksfcOption: C
Oct 11, 2020

C seems correct to me. It is given as answer in another portal too.

modsjunkOption: C
Jul 9, 2023

A and D are out B is out because of this line You allocate a security architect to oversee the implementation of the solution in the ERP system that is being developed. you don't ask security architect to oversee the implementation of the solution in the ERP system

mesteritOption: B
Feb 3, 2023

B is correct - You then update the Global Traders security policy to reflect the concern,... You allocate a security architecture team - Ent. Arch would just propose don't change or allocate ... therefore seems A is incorrect. - Request for Architecture Work is not raised by Ent. Arch. - therefore seems C incorrect. - You can't just change a security policy on your understanding. therefore seems D is incorrect. - And the Request for Architecture Work is issued by the sponsor - The question asks for "Recommendations", but other answers are simply taking some actions which are not even in the scope of the Chief Architect.

93madox
Mar 11, 2023

B says that Security Architect should oversee the implementation. Standard says Architecture Board does oversee the implementation. I think it is C

miche_s87
May 6, 2023

I don't agree since the "Request for Architecture Work" are sent from the sponsoring organization to the architecture organization (32.2.17 Request for Architecture Work). In answer B it says that you (as an EA) sents the Request for Architects. I go for C as well.

cbgrapeOption: A
Aug 6, 2022

A and D are similar, but A is better because it includes the assessment of impacts on business units and third parties (assess the security implications and agreements within the AGEX businesses and their suppliers), which is a part of "Scope the Enterprise Organizations Impacted" step.

Qman2022Option: C
Dec 30, 2022

Architecture team do not allocate resource we propose/recommend that takes A and D out. Now between B and C, Architecture team do not issue Request for architecture. this strike out B. This is done mostly in phase H to activate a change request since we are in preliminary phase. Hence we are left we C that is correct answer.

PratsMicOption: A
Jun 19, 2023

A coz its about communication across the Org too ( that other options lacked)

MackDOption: C
Jul 3, 2023

Anwser C. In my opinion: A: Chief Architect is not responsible for updating a security policy. B: Request for Architecture Work is not issued by an Chief Architect. C: This is the only one that makes sense. D: As mentioned before "based on your understanding". https://pubs.opengroup.org/architecture/togaf9-doc/arch/chap46.html

HN6366
Jul 10, 2023

Agreed, C is the best option here.

crimemasternogoOption: A
Aug 30, 2023

This is what I found: "The security policy should be examined to find relevant sections, and "updated" if necessary. Architecture constraints established in the "security policy must be communicated to the other members of the architecture team"." So, the answer A makes sense.

JKLExTopOption: C
Mar 1, 2023

The EA doesn't - Update the AGEX security policy to reflect the concern - Assess the security And it's too early in the preliminary phase to update any policy Therefore, C is the correct answer

saurabhparveenOption: A
Apr 26, 2023

I will go with A, security policy is updated in preliminary phase https://pubs.opengroup.org/architecture/togaf91-doc/arch/chap21.html Also,as per step3 ■ Allocate key roles and responsibilities for Enterprise Architecture Capability management and governance

miche_s87Option: C
May 6, 2023

see my comment below.

RACHIT0412Option: A
May 12, 2023

Chatgpt says A

PratsMic
Jun 19, 2023

Chatgpt just look at the answer provided here and cert library to get to the conclusion ...

el3ctronick
Feb 24, 2024

If you noticed, there is no clear answer here. we are all looking for the correct one and we all see gaps in every possible answer. have you managed to find the right one? please explain if it is that clear to you. thanks!

red_pandaOption: C
May 25, 2023

I think that the correct answer is the C because the Chief Architect don't allocate the resources.

th_melOption: A
Jul 24, 2023

ChatGPT says: A Bard AI says: C

HN6366Option: C
Dec 25, 2023

C is the correct answer.

EsoEsoOption: A
Dec 26, 2023

A is the best answer refer to: https://pubs.opengroup.org/architecture/togaf91-doc/arch/chap21.html#tag_21 Section: 21.5 Preliminary Phase