The Open Group OGEA-103 TOGAF Enterprise Architecture Combined Part 1 and Part 2 Exam Practice Test

Page: 1 / 14
Total 114 questions

Want more questions? Get Premium Access.
()

Question 1

Please read this scenario prior to answering the question

You are working as an Enterprise Architect within a healthcare and life science company. The company is a

leading player in its industry, dedicated to transforming healthcare with new ideas and advancements. The

company has multiple divisions that cover different aspects of the business.

The company's Enterprise Architecture (EA) department has been operating for several years and has

mature, well-developed architecture governance and development processes following the TOGAF

Standard. In addition to the EA program, the company has a number of management frameworks in use.

The Architecture Board includes representatives from each division of the company.

Many of the company's rivals have begun utilizing Artificial Intelligence (Al) in their operations, and the

indications are that this will be transformative for healthcare delivery. This is something the EA department

has been interested in for a while, and they had recently submitted an architecture Change Request which

was approved. As a result, the CIO has approved a Request for Architecture Work to investigate the

implementation of Al in the company.

Areas for evaluation include:

How can staff use Al daily in their current role?

How Al can enhance access to care for patients, and how to make that experience seamless?

How Al can offer new workplace platforms and tools to increase efficiency?

Some of the top managers are worried about a change in the way of working, and if it will achieve the goals.

Many are not confident that the company's risk management processes are adequate for a company-wide

integration of generative Al. There are also questions from staff about whether enough specific guidelines

and polices have been put in place for responsible use of Al.

The Chief Information Officer (CIO) is the sponsor of the Enterprise Architecture program. The CIO has

actively encouraged architecting with agility within the EA department as her preferred approach for projects.

The CIO wants to know how to address these concerns and reduce risks.

Refer to the scenario

You have been tasked with starting the architecture development. How do you begin?

Based on the TOGAF standard which of the following is the best answer?

AYou recommend that an analysis of the stakeholders is undertaken. This will allow the architects to
define groups of partners (the stakeholders) who have common concerns and include development
of a Stakeholder Map. The concerns and relevant views should then be defined for each group and
recorded in the Architecture Vision document. To mitigate risk, you include a requirement that there
be progressive development of the target architecture to ensure there is regular feedback.

BYou recommend that a Communications Plan be created to address the key stakeholders, that is the
most powerful and influential partners. This plan should include a report that summarizes the key
features of the architecture with respect to each location and reflects the stakeholders' requirements.
You will check with each key stakeholder that their concerns are being addressed. Risk mitigation
should be explicitly addressed as a component of the architecture being developed.

CYou recommend that models be created for the Draft Business, Data, Application, and Technology
Architectures. These can be used to ensure that the system will be compliant with the local
regulations for each division. Together with the problem description, and requirements, this ensures
that all the necessary data and detail is addressed. A formal review should be held with the
stakeholders to verify that their concerns have been properly addressed by the models.

DYou recommend creation of a set of business models that can be applied uniformly across all Al-
related architecture projects. These should be developed in the portable format to ensure maximum
portability across the many tools used in the firm. Each architecture should then be defined based on
this fixed set of models. All concerned parties can then examine the models to ensure that their
needs have been addressed.

Answer : A

Key aspects of the scenario:

Objective:

Integrating Artificial Intelligence (AI) into healthcare delivery, with a focus on improving patient care, enhancing workplace efficiency, and enabling seamless experiences.

Challenges:

Stakeholder concerns about risk management, adaptability to change, and ensuring alignment with regulations and policies.

Addressing the concerns of staff and top management about AI integration and achieving the desired goals.

CIO's Perspective:

Encouraging an agile approach to architecture development.

Addressing risks and ensuring stakeholder concerns are managed.

Areas for Evaluation:

AI usage by staff and impact on workflows.

Patient experience enhancement via AI.

New workplace platforms and tools powered by AI.

Option Analysis:

Option 1: Analysis of stakeholders and development of a Stakeholder Map

Pros:

Stakeholder analysis is critical for identifying concerns, viewpoints, and requirements.

TOGAF emphasizes stakeholder engagement early in the process to mitigate risks and align expectations.

Developing a Stakeholder Map ensures clear alignment with their interests and creates a foundation for regular feedback loops.

Cons:

Does not explicitly address the creation of architecture models or policies upfront.

Option 2: Creation of a Communications Plan

Pros:

A communications plan fosters effective stakeholder engagement by addressing their concerns and ensuring transparent reporting.

Risk mitigation as part of communication aligns with TOGAF's stakeholder management practices.

Cons:

This focuses more on communication mechanics rather than advancing architectural development directly.

Option 3: Models for Draft Business, Data, Application, and Technology Architectures

Pros:

Aligns with the Architecture Development Method (ADM), ensuring compliance with requirements and regulations.

Helps formalize stakeholder feedback by verifying their concerns against tangible models.

Cons:

Developing detailed models early on may delay immediate resolution of stakeholder concerns and risk mitigation.

Option 4: Set of reusable business models for AI-related projects

Pros:

Standardized models ensure consistency and portability across the organization's AI-related efforts.

Cons:

Too narrow in focus for the initial architecture development phase; does not address risk management or stakeholder concerns adequately.

Recommended Answer:

Option 1: You recommend that an analysis of the stakeholders is undertaken.

Reasoning:

The scenario highlights stakeholder concerns about risks, adaptability, and compliance. Addressing these concerns requires stakeholder analysis as the first step.

A Stakeholder Map aligns with TOGAF's emphasis on stakeholder engagement, providing a structured way to manage their concerns and expectations.

Identifying concerns early and integrating feedback into the Architecture Vision document ensures alignment with goals and smooth progress.

Option 1 sets the foundation for collaboration and risk management, making it the best fit for the current phase.

Question 2

Please read this scenario prior to answering the question

You are working as an Enterprise Architect at a large supermarket. The company runs many retail

stores, as well as an online grocery shop. Many of the stores used to remain open 24/7, but the

number has decreased in recent years. Instead, they now focus on fulfilling online orders during

the night.

The company has a mature Enterprise Architecture (EA) practice and uses the TOGAF standard

for its architecture development method. The EA practice is involved in all aspects of the

business, with oversight provided by an Architecture Board with representatives from different

parts of the business. The EA program is sponsored by the Chief Information Officer (CIO).

Each store uses a standard method to track sales and inventory. This involves sending accurate

timely sales data to a central Al-based inventory management system that can predict demand,

adjust stock levels and automate reordering. The central inventory management system is housed

at the company's central data center.

The company has bought a major rival. The Chief Executive Officer believes that a merger will

enable growth through combined offerings and cost savings. The decision has been taken to fully

integrate the two organizations, including merging retail operations and systems. This means that

duplicated systems will be replaced with one standard retail management system. Also, the

company will reduce the number of applications that are used. The CIO expects significant

savings will be achieved by implementing these changes across the newly merged company.

One improvement that the rival has successfully implemented is the use of hand-held devices

within stores, for both customers and staff. This has increased both customer and staff employee

satisfaction due to the time savings this has brought. The CIO has given the go-ahead to roll out

the devices in all stores but has stated that training on how to use the hand-held devices should

be brief because there are a lot of employees, many of whom are part-time.

The Request for Architecture Work to oversee the merger has been approved. The project has

been scoped and you have been assigned to work on it. Your role includes managing the

architecture for the retail stores.

Refer to the scenario

You have been asked to confirm the most relevant architecture principles for the transformation.

Based on the TOGAF Standard, which of the following is the best answer?

[Note: The sequence of the principles listed in each answer does not matter. You should assume

the company follows the set of principles that are provided in the TOGAF Standard, ADM

Techniques, Architecture Principles chapter. You may need to refer to section 2.6 located in ADM

Techniques within the reference text to answer this question.]

AMaximize Benefit to the Enterprise, Common Use Applications, Data is an Asset, Responsive Change Management, Technology Independence

BControl Technical Diversity, Interoperability, Data is an Asset, Data is Shared, Business Continuity

CCommon Vocabulary and Data Definitions, Compliance with the Law, Requirements Based Change, Responsive Change Management, Data Security

DCommon Use Applications, Data is an Asset, Data is Accessible, Ease of Use, Business Continuity

Answer : A

Key aspects of the scenario:

Business Objective:

A merger is happening to combine offerings, reduce costs, and achieve operational efficiency.

The goal includes fully integrating retail operations and systems, replacing duplicated systems, and reducing the number of applications used.

Technological Improvements:

A central AI-based inventory system is in place.

Hand-held devices for stores have improved customer and staff satisfaction and increased efficiency.

Scope of Architecture Work:

Integrating the merged systems.

Managing retail architecture to optimize operations.

TOGAF Alignment:

TOGAF principles aim to ensure the architecture supports business transformation effectively while aligning with governance and best practices.

Best answer analysis:

Option 1:

Maximize Benefit to the Enterprise: Aligns with the merger goals of cost reduction and efficiency.

Common Use Applications: Matches the goal to reduce duplicated systems.

Data is an Asset: Central AI system depends on accurate and reliable data.

Responsive Change Management: Necessary to support the transition and manage organizational impacts.

Technology Independence: Encourages selecting flexible, scalable solutions post-merger.

This option comprehensively aligns with the scenario.

Option 2:

Control Technical Diversity: Important but less emphasized than cost reduction and application unification.

Interoperability: Relevant, but less critical compared to principles addressing business value.

Data is an Asset: Relevant.

Data is Shared: Implied in centralized inventory but not directly stated.

Business Continuity: Important but not the main focus here.

This option partially fits but lacks emphasis on business outcomes.

Option 3:

Common Vocabulary and Data Definitions: Indirectly helpful but not central to the transformation.

Compliance with the Law: Always critical, but no explicit legal issues are mentioned.

Requirements-Based Change: General principle but not transformation-specific.

Responsive Change Management: Relevant.

Data Security: Important but not a central concern in the scenario.

This option focuses more on governance and less on merger goals.

Option 4:

Common Use Applications: Relevant to reducing duplicate systems.

Data is an Asset: Relevant.

Data is Accessible: Fits with AI system and handheld devices but is a subset of 'Data is an Asset.'

Ease of Use: Relevant to handheld devices but not a core transformation principle.

Business Continuity: Important but secondary to cost and efficiency.

This option focuses more on usability and accessibility rather than transformation objectives.

Question 3

You are working as an Enterprise Architect within the Enterprise Architecture (EA) team at a healthcare and life sciences company. The EA team is developing a secure system for researchers to share clinical trial information easily across the organization and with external partners.

Due to the highly sensitive nature of the information, each architecture domain must consider privacy and safety concerns. The healthcare division has been directed to minimize disruptions to clinical trials while introducing the new system gradually.

How would you identify the work packages for introducing the new system? Based on the TOGAF standard, which of the following is the best answer?

AUse a Consolidated Gaps, Solutions, and Dependencies Matrix to create work packages and sequence them into Capability Increments. Document in a Transition Architecture State Evolution Table.

BIdentify Solution Building Blocks for development or procurement, then use a CRUD matrix to rank and select the most cost-effective work packages. Schedule the rollout sequentially across regions.

CUse a Consolidated Gaps, Solutions, and Dependencies Matrix to classify each solution, group them into work packages, then regroup into Capability Increments. Document in an Architecture Definition Increments Table.

DDraw up an Implementation Factor Catalog to indicate actions and constraints. Use a Consolidated Gaps, Solutions, and Dependencies Matrix, then group similar activities into work packages and identify dependencies.

Answer : C

In the TOGAF framework, understanding and addressing stakeholder concerns is crucial, particularly for complex projects with high stakes like the AI-first initiative described in the scenario. This approach aligns well with TOGAF's ADM (Architecture Development Method) and its emphasis on effective stakeholder management and risk assessment. Here's why this is the best course of action:

Stakeholder Analysis and Documentation: Conducting a stakeholder analysis is foundational in the early stages of any TOGAF project, particularly during the Preliminary and Architecture Vision phases. This process involves identifying the different stakeholders, understanding their positions, documenting their concerns, and considering any cultural factors that might influence their perspective on the AI-first initiative. Given the diverse concerns raised (such as job security, skill requirements, and cybersecurity), it's essential to have a clear understanding of each stakeholder group's priorities and fears.

Recording Concerns in the Architecture Vision Document: The Architecture Vision phase in TOGAF focuses on defining the high-level scope and objectives of the architecture project. By documenting stakeholder concerns and the corresponding views in the Architecture Vision document, the EA team ensures that these concerns are transparently acknowledged and addressed as part of the strategic direction. This step not only aligns with TOGAF best practices but also helps in building stakeholder buy-in and trust.

Architecture Requirements Specification and Risk Management: Risk management is a key aspect of TOGAF's ADM, particularly in the Requirements Management and Implementation Governance phases. Documenting the requirements for addressing specific risks in the Architecture Requirements Specification provides a structured way to ensure that identified risks are acknowledged and managed throughout the transformation. Regular assessments and feedback loops ensure ongoing alignment and adaptability to emerging risks, which is particularly important given the dynamic nature of AI and its associated challenges.

Alignment with TOGAF ADM Phases: This approach follows the prescribed flow of TOGAF's ADM, starting with stakeholder engagement in the Preliminary and Architecture Vision phases and progressing to risk assessment in the Requirements Management phase. By maintaining a focus on stakeholder needs and formalizing these into architecture requirements, the EA team can ensure that the architecture not only meets business objectives but also mitigates stakeholder concerns.

TOGAF Reference on Stakeholder Management Techniques: TOGAF places significant emphasis on managing stakeholder concerns through its stakeholder management techniques, which highlight the need to systematically identify, analyze, and address the concerns of all involved parties. This practice helps ensure that the architecture is viable and accepted across the organization.

By conducting a thorough stakeholder analysis and integrating the findings into both the Architecture Vision and the Architecture Requirements Specification, the EA team can proactively address stakeholder concerns, manage risks, and align the AI-first initiative with the agency's strategic objectives. This approach is consistent with TOGAF's guidance and provides a structured framework for addressing both business and technical challenges in the context of an AI-first transformation.

Question 4

You are working as an Enterprise Architect at a large company. The company runs many retail stores as well as an online marketplace that allows hundreds of brands to partner with the company. The company has a mature Enterprise Architecture (EA) practice and uses the TOGAF standard for its architecture development method. The EA practice is involved in all aspects of the business, with oversight provided by an Architecture Board with representatives from different parts of the business. The EA program is sponsored by the Chief Information Officer (CIO).

Many of the stores remain open all day and night. Each store uses a standard method to track sales and inventory, which involves sending accurate, timely sales data to a central AI-based inventory management system that can predict demand, adjust stock levels, and automate reordering. The central inventory management system is housed at the company's central data center.

The company has acquired a major rival. The Chief Executive Officer (CEO) believes that the merger will enable growth through combined offerings and cost savings. The decision has been made to fully integrate the two organizations, including merging retail operations and systems. Duplicated systems will be replaced with one standard retail management system. The CIO expects significant savings from these changes across the newly merged company.

The rival company has successfully implemented the use of hand-held devices within stores for both customers and staff, which has increased satisfaction due to time savings. The CIO has approved the rollout of these devices to all stores but has stated that training should be brief, as there are many part-time employees.

You have been asked to confirm the most relevant architecture principles for this transformation. Based on the TOGAF Standard, which of the following is the best answer?

ACommon Vocabulary and Data Definitions, Compliance with the Law, Requirements Based Change, Responsive Change Management, Data Security

BControl Technical Diversity, Interoperability, Data is an Asset, Data is Shared, Business Continuity

CCommon Use Applications, Data is an Asset, Data is Accessible, Ease of Use, Business Continuity

DMaximize Benefit to the Enterprise, Common Use Applications, Data is an Asset, Responsive Change Management, Technology Independence

Answer : D

In this scenario, the enterprise is undergoing significant transformation due to a merger and the adoption of new technology (hand-held devices). Several key principles from TOGAF's ADM Techniques---particularly those focused on promoting enterprise-wide standardization, adaptability, and data utilization---are pertinent here:

Maximize Benefit to the Enterprise: This principle emphasizes that all architectural decisions should deliver maximum business value. Given that the company is integrating systems to cut costs and improve offerings, maximizing the benefit is crucial. Ensuring that the EA efforts align with enterprise-wide benefits supports the goal of optimizing costs and enhancing offerings, which aligns with the CEO's vision for the merger.

Common Use Applications: Standardizing applications across the merged entity will be essential to achieve cost savings and to simplify operations. The goal of reducing the number of applications fits with this principle, ensuring that reusable and widely adopted applications support business functions across the organization. Adopting this principle will also aid in harmonizing the systems from both organizations and avoiding unnecessary diversity.

Data is an Asset: Data plays a central role in the company's operations, especially with the use of AI-driven inventory management and the integration of systems. Treating data as an asset is essential for reliable and accurate decision-making. This principle ensures that data is viewed as a critical enterprise resource and is managed with care, maintaining integrity, accuracy, and value.

Responsive Change Management: The organization's ability to adapt quickly and effectively to changes, such as integrating new handheld devices and merging systems, is essential. This principle will facilitate the smooth transition required for integrating the new handheld devices and the merger-related system updates while minimizing disruption to store operations.

Technology Independence: Since the enterprise will likely encounter varied technologies from the merger, it is crucial to maintain flexibility. This principle advocates for using technology solutions that are adaptable and not bound to a single vendor or specific technology. This ensures that the enterprise can integrate various technological components from both organizations and evolve with minimal constraints.

These principles align well with TOGAF's broader recommendations for guiding architectural changes, as found in Section 2.6 of the TOGAF ADM Techniques. They ensure that the EA practice is aligned with business objectives while maintaining flexibility, data integrity, and a focus on enterprise-wide benefits. These guiding principles are critical for the successful execution of the integration and adoption of new technologies while achieving cost efficiencies and improving service delivery.

For reference, TOGAF's ADM Techniques highlight the importance of architectural principles in guiding transformational initiatives, ensuring that decisions are made consistently across the enterprise. Each principle supports organizational agility, system integration, and the efficient use of technology resources, all of which are vital for the enterprise's stated objectives.

Question 5

Please read this scenario prior to answering the question

You are the Lead Enterprise Architect at a major agribusiness company. The company's main

annual harvest is lentils, a highly valued food grown worldwide. The lentil parasite, broomrape,

has been an increasing concern for many years and is now becoming resistant to chemical

controls. In addition, changes in climate favor the propagation and growth of the parasite. As a

result, the parasite cannot realistically be exterminated, and it has become pandemic, with lentil

yields falling globally.

The CEO appreciates the seriousness of the situation and has set out a change in direction

that is effectively a new business for the company. There are opportunities for new products,

and new markets. The company will use the fields for another harvest and will cease to process

third-party lentils. Thus, the target market will change, and the end-products will be different

and more varied. This is a major decision and the CEO has stated a desire to repurpose rather

than replace so as to manage the risks and limit the costs.

The company has a mature Enterprise Architecture practice based in its headquarters and uses

the TOGAF standard as the method and guiding framework. The practice has an established

Architecture Capability, and uses iteration for architecture development. The CIO is the sponsor

of the activity.

The CIO has assigned the Enterprise Architecture team to this activity. At this stage there is no

shared vision, or requirements.

Refer to the scenario

You have been asked to propose the best approach for architecture development to realize the

CEO's change in direction for the company.

Based on the TOGAF standard which of the following is the best answer?

AYou propose that the team focus on architecture definition, with emphasis on defining
the change parameters to support this new business strategy that the CEO has
identified. Once understood, the team will be in the best position to identify the
requirements, drivers, issues, and constraints for the change. You would ensure that the
architecture development addresses non-functional requirements to assure that the
target architecture is robust and secure.

BYou propose that this engagement define the baseline Technology Architecture first in
order to assess the current infrastructure capacity and capability for the company. Then
the focus should be on transition planning and incremental architecture deployment.
This will identify requirements to ensure that the projects are sequenced in an optimal
fashion so as to realize the change.

CYou propose that the priority is to understand and bring structure to the definition of the
change. The team should focus iteration cycles on a baseline first approach to
architecture development, and then transition planning. This will identify what needs to
change in order to transition from the baseline to the target, and can be used to work out
in detail what the shared vision is for the change.

DYou propose that the team focus its iteration cycles on architecture development by
going through the architecture definition phases (B-D) with a baseline first approach.
This will support the change in direction as stated by the CEO. It will ensure that the
change can be defined in a structured manner and address the requirements needed to
realize the change.

Answer : C

Based on the TOGAF standard, this answer is the best approach for architecture development to realize the CEO's change in direction for the company. The reason is as follows:

The scenario describes a major business transformation that requires a clear understanding of the current and future states of the enterprise, as well as the gaps and opportunities for change. Therefore, the priority is to understand and bring structure to the definition of the change, rather than focusing on the implementation details or the technology aspects.

The team should use the TOGAF ADM as the method and guiding framework for architecture development, and adapt it to suit the specific needs and context of the enterprise. The team should also leverage the existing Architecture Capability and the Architecture Repository to reuse and integrate relevant architecture assets and resources.

The team should focus iteration cycles on a baseline first approach to architecture development, which means starting with the definition of the Baseline Architecture in each domain (Business, Data, Application, and Technology), and then defining the Target Architecture in each domain. This will help to identify the current and desired states of the enterprise, and to perform a gap analysis to determine what needs to change in order to achieve the business goals and objectives.

The team should then focus on transition planning, which involves identifying and prioritizing the work packages, projects, and activities that will deliver the change. The team should also create an Architecture Roadmap and an Implementation and Migration Plan that will guide the execution and governance of the change.

The team should use the Architecture Vision phase and the Requirements Management phase to work out in detail what the shared vision is for the change, and to capture and validate the stakeholder requirements and expectations. The team should also use the Architecture Governance framework to ensure the quality, consistency, and compliance of the architecture work.

Question 6

Please read this scenario prior to answering the question

Your role is consultant to the Lead Architect within a multinational company that manufactures electronic components. The company has several manufacturing divisions located worldwide and a complex supply chain. After a recent study, senior management have stated a concern about business efficiency considering the company's multiple data centers and duplication of applications.

The company has a mature Enterprise Architecture (EA) practice and uses the TOGAF architecture development method in its EA practice. In addition to the EA program, the company has several management frameworks in use, including business planning, project/portfolio management, and operations management. The EA program is sponsored by the CIO.

A strategic architecture has been defined to improve the ability to meet customer demand and improve management of the supply chain. The strategic architecture includes the consolidation of multiple Enterprise Resource Planning (ERP) applications that have been operating independently in the divisions' production facilities.

Each division has completed the Architecture Definition documentation to meet its own specific manufacturing requirements. The enterprise architects have defined a set of work packages that address the gaps identified. They have identified the value produced, effort required, and dependencies between work packages to reach a farget architecture that would integrate a new ERP environment into the company.

Because of the risks posed by change from the current environment, the architects have recommended that a phased approach occurs to implement the target architecture with several transition states. The overall implementation process is estimated to take several years.

Refer to the scenario

You have been asked what the next steps are for the migration planning.

Based on the TOGAF standard which of the following is the best answer?

AYou conduct a series of Compliance Assessments to ensure that the architecture is being implemented according to the contract. The Compliance Assessment should verify that the implementation team is using the proper development methodology. It should include deployment of monitoring tools and ensure that performance targets are being met. If they are not met, then you would identify changes to performance requirements and update those in the Implementation and Migration Plan.

BYou place the Architecture Definition Document under configuration control. This will ensure that the architecture remains relevant and responsive to the needs of the enterprise. You would identify the development resources to undertake the projects. You would then produce an Implementation Governance Model to manage the lessons learned prior to finalizing the plan. You recommend that lessons learned be applied as changes to the architecture without review.

CYou estimate the business value for each project by applying the Business Value Assessment Technique to prioritize the implementation projects and project increments. The assessment should focus on return on investment and performance evaluation criteria that can be used to monitor the progress of the architecture transformation. You would confirm and plan a series of Transition Architecture phases using an Architecture Definition Increments Table that lists the projects.

DYou assess how the Implementation and Migration plan impacts the other frameworks in use in the organization. Minimally, you ensure that the plan is coordinated with the business planning, project/portfolio management and operations management frameworks. You would then assign a business value to each work package, considering available resources and strategic fit. You then use the work packages to identify projects that will be in the Implementation and Migration Plan

Answer : C

The Business Value Assessment Technique is a technique that can be used to estimate and compare the business value of the projects and project increments that implement the architecture work packages, which are the sets of actions or tasks that are required to implement a specific part of the architecture.The business value is the measure of the benefits or advantages that the project or project increment delivers to the business, such as increased revenue, reduced costs, improved quality, or enhanced customer satisfaction1

The steps for applying the Business Value Assessment Technique are:

Identify the criteria and factors that are relevant to the business value assessment, such as costs, benefits, risks, and opportunities. The criteria and factors should be aligned with the business goals and drivers that motivate the architecture work, and the stakeholder requirements and concerns that influence the architecture work.

Assign weights and scores to the criteria and factors, using various methods, such as expert judgment, historical data, or analytical models. The weights and scores should reflect the importance and performance of the criteria and factors, and the trade-offs and preferences of the stakeholders.

Calculate the business value for each project or project increment, using various techniques, such as net present value, return on investment, or balanced scorecard. The business value should indicate the expected or actual outcomes and impacts of the project or project increment on the business.

Prioritize the implementation projects and project increments, based on the business value and other considerations, such as dependencies, resources, or risks. The prioritization should determine the order or sequence of the projects and project increments, and the allocation and utilization of the resources.

Therefore, the best answer is C, because it describes the next steps for the migration planning, which are the activities that support the transition from the Baseline Architecture to the Target Architecture. The answer covers the Business Value Assessment Technique, which is relevant to the scenario.

Question 7

Please read this scenario prior to answering the question

You have been appointed as senior architect working for an autonomous driving technology development company. The mission of the company is to build an industry leading unified technology and software platform to support connected cars and autonomous driving.

The company uses the TOGAF Standard as the basis for its Enterprise Architecture (EA) framework. Architecture development within the company follows the purpose-based EA Capability model as described in the TOGAF Series Guide: A Practitioners'Approach to Developing Enterprise Architecture Following the TOGAF ADM.

An architecture to support strategy has been completed defining a long-range Target Architecture with a roadmap spanning five years. This has identified the need for a portfolio of projects over the next two years. The portfolio includes development of travel assistance systems using swarm data from vehicles on the road.

The current phase of architecture development is focused on the Business Architecture which needs to support the core travel assistance services that the company plans to provide. The core services will manage and process the swarm data generated by vehicles, paving the way for autonomous driving in the future.

The presentation and access to different variations of data that the company plans to offer through its platform poses an architecture challenge. The application portfolio needs to interact securely with various third-party cloud services, and V2X (Vehicle-to-Everything) service providers in many countries to be able to manage the data at scale. The security of V2X is a key concern for the stakeholders. Regulators have stated that the user's privacy be always protected, for example, so that the drivers' journey cannot be tracked or reconstructed by compiling data sent or received by the car.

Refer to the scenario

You have been asked to describe the risk and security considerations you would include in the current phase of the architecture development?

Based on the TOGAF standard which of the following is the best answer?

AYou will focus on the relationship with the third parties required for the travel assistance systems and define a trust framework. This will describe the relationship with each party. Digital certificates are a key part of the framework and will be used to create trust between parties. You will monitor legal and regulatory changes across all the countries to keep the trust framework in compliance.

BYou will perform a qualitative risk assessment for the data assets exchanged with partners. This will deliver a set of priorities, high to medium to low, based on identified threats, the likelihood of occurrence, and the impact if it did occur. Using the priorities, you would then develop a Business Risk Model which will detail the risk strategy including classifications to determine what mitigation is enough.

CYou will focus on data quality as it is a key factor in risk management. You will identify the datasets that need to be safeguarded. For each dataset, you will assign ownership and responsibility for the quality of data needs. A security classification will be defined and applied to each dataset. The dataset owner will then be able to authorize processes that are trusted for a certain activity on the dataset under certain circumstances.

DYou will create a security domain model so that assets with the same level can be managed under one security policy. Since data is being shared across partners, you will establish a security federation to include them. This would include contractual arrangements, and a definition of the responsibility areas for the data exchanged, as well as security implications. You would undertake a risk assessment determining risks relevant to specific data assets.

Answer : D

A security domain model is a technique that can be used to define the security requirements and policies for the architecture. A security domain is a grouping of assets that share a common level of security and trust. A security policy is a set of rules and procedures that govern the access and protection of the assets within a security domain.A security domain model can help to identify the security domains, the assets within each domain, the security policies for each domain, and the relationships and dependencies between the domains1

Since the data is being shared across partners, a security federation is needed to establish a trust relationship and a common security framework among the different parties. A security federation is a collection of security domains that have agreed to interoperate under a set of shared security policies and standards. A security federation can enable secure data exchange and collaboration across organizational boundaries, while preserving the autonomy and privacy of each party.A security federation requires contractual arrangements, and a definition of the responsibility areas for the data exchanged, as well as security implications2

A risk assessment is a process that identifies, analyzes, and evaluates the risks that may affect the architecture. A risk assessment can help to determine the likelihood and impact of the threats and vulnerabilities that may compromise the security and privacy of the data assets.A risk assessment can also help to prioritize and mitigate the risks, and to monitor and review the risk situation3

Therefore, the best answer is D, because it describes the risk and security considerations that would be included in the current phase of the architecture development, which is focused on the Business Architecture. The answer covers the security domain model, the security federation, and the risk assessment techniques that are relevant to the scenario.