Q: 3
Which of the following should be the FIRST step in planning an IT governance implementation?
Options
Discussion
C. saw a similar scenario in my last mock. BIA gives the actual numbers you need when comparing site costs to risk. KRIs and scenarios help but don't map dollars as directly. Pretty confident here but open to other takes.
Option D, encountered exactly similar question in my exam and the answer was the same. Always start with identifying business drivers first.
D, is right. You always need to identify business drivers first so you know what the governance should focus on. Everything else like KPIs and roles only make sense once you have that context. Pretty sure ISACA expects this logic, unless I'm missing something.
A is wrong, D. Always gotta find out what drives the business before anything else, even funding or KPIs come after. IT governance only makes sense if it lines up with those drivers. Pretty sure that's how ISACA structures this, but open to other views.
You always have to start by identifying business drivers before you can do anything else in IT governance. Can't define KPIs or push for funding if you don't know what you're trying to achieve. So D is the logical first move. Pretty sure about that but let me know if you see it differently!
B
I could see picking C here since defining KPIs feels like it should come first, to measure success from the start. But on review, that's probably a trap since you can't define relevant KPIs before you know the business drivers. Still, I'd initially lean toward C myself in an actual exam setting unless clarified.
A is wrong, C. KRIs help track risk trends, but BIA actually assigns financial values to downtime so you can align DR site costs with real business impact. Scenario-based is tempting but doesn't directly quantify dollars at risk. Pretty sure it's C unless I'm missing something subtle.
Yeah, D makes sense. Without identifying business drivers first, you might end up setting KPIs or assigning roles that totally miss the point of what the business actually needs. Pretty sure ISACA always puts business alignment at step one, but correct me if you've seen it otherwise.
C/D? I see similar questions on practice tests, and official ISACA guides always start with business drivers.
Be respectful. No spam.
