Q: 4
You are working as an Enterprise Architect within an Enterprise Architecture (EA) team at a large
government agency with multiple divisions. The agency has a well-established EA practice and
follows the TOGAF standard as its method for architecture development. The government has
mandated that the agency prepare for an "AI-first" world.
The agency wants to determine the impact and role of AI in its future services. The CIO has approved
a Request for Architecture Work to explore the use of AI in services. Some leaders are concerned
about reliance on AI, security, and employees’ need to acquire new skills.
The EA team leader seeks suggestions on managing the risks associated with a new architecture for
the AI-first project. Based on the TOGAF standard, which of the following is the best answer?
Options
Discussion
Option A
I don’t think it’s A. Option D actually addresses risk by including Security Architecture, which seems central for an AI-first setup. The question highlights security as a key concern, so I'd expect the best answer to tie risk management to security work specifically. Pretty sure D fits better here, but open to counterpoints if I’m missing something.
C or D. Both mention stakeholder handling and risk, and I keep seeing questions that want you to show awareness of implementation phase (Phase G) or Security Architecture. The trap might be thinking A covers actual risk management, but C seems reasonable too from a TOGAF process view.
Pretty sure it's A. TOGAF wants risks and stakeholder concerns captured in the Architecture Vision early.
B . Communication plans are essential in TOGAF, especially when introducing major shifts like AI adoption, and ensuring stakeholders are engaged reduces a lot of implementation risk. Option B seems to address the concerns proactively rather than just documenting them. I think it's close, given the agency's scale and leadership worries, but not 100% sure since TOGAF does emphasize the requirements doc as well. Anyone see it differently?
A
I don’t think it’s D. A covers risk management in line with TOGAF by capturing stakeholder concerns early in the Architecture Vision. D is more about security architecture, which is too narrow for this phase. Pretty sure A’s what TOGAF expects, but let me know if you see it differently.
C or D, saw similar wording in a practice test and picked D that time.
A all the way. TOGAF says to get stakeholder concerns and risks recorded in Architecture Vision, then you keep updating those in the Architecture Requirements Specification. The other choices skip this core step or focus on later phases. Pretty sure that's how the ADM wants it handled, but open to other takes.
A pretty sure. TOGAF has you document stakeholder concerns and risks right away in the Architecture Vision, and then keep tracking them in the Architecture Requirements Specification. The other options skip key steps or focus too much on later phases. If I'm missing something let me know.
Be respectful. No spam.
