 |
ISG711S - INFORMATION SYSTEM STRATEGY and GOVER - 2ND OPP - JULY 2 |
|
|
1 Page 1 |
▲back to top |
nAmlBIA UnlVERSITY
OF SCIEnCE Ano TECHnOLOGY
FACULTY OF COMPUTING AND INFORMATICS
DEPARTMENT OF INFORMATICS, JOURNALISM AND MEDIA TECHNOLOGY
QUALIFICATION: BACHELOR OF INFORMATICS
QUALIFICATION CODE: 07BAIT
LEVEL: 7
COURSE CODE: ISG711S
COURSE NAME: INFORMATION SYSTEM STRATEGY AND
GOVERNANCE
SESSION: JULY 2022
PAPER: THEORY
DURATION: 3 HOURS
MARKS: 95
SECOND OPPORTUNITY /SUPPLEMETARY EXAMINATION QUESTION PAPER
EXAMINER(S) Ms SINTE MUTELO
MODERATOR: MS HELENA NAHUM
INSTRUCTIONS
l. Answer ALL the questions.
2. Write clearly and neatly.
3. Number the answers.
PERMISSIBLE MATERIALS
l. Pen
2. Pencil
THIS QUESTION PAPER CONSISTS OF 5 PAGES (including this front page)
1
|
|
2 Page 2 |
▲back to top |
QUESTION 1: MULTIPLE CHOICE
[S]
Write only the correct letter of your choice in the answer book.
1. ..................is a family of standards for quality management systems.
[1]
a. ISO 27001
b. ISO 9001
c. ISO/IEC 38500
d. ITIL
2. ........... is the process of designing, delivering, managing, and improving the IT services
an organization provides to its end users?
[1]
a. IT architecture
b. IT service management (ITSM)
c. IT alignment
d. IT infrastructure
3. ............ is a set of detailed practices for IT activities such as IT service management and
IT asset management that focus on aligning IT services with the needs of the business.
[1]
a. ITIL
b. COBIT
c. The Information Technology Infrastructure Library
d. ISO
4. An enterprise needs ................ at all levels to achieve its operational, financial, and
compliance objectives
[1]
a. Internal controls
b. Governance
2
|
|
3 Page 3 |
▲back to top |
c. Directors
d. Information
5. Sometimes people will also extend that letter in GRCto include controls, meaning that
it is important to put certain controls in place to ensure that .................... is happening.
[1]
a. Risk Management
b. Compliance
c. Business Value
d. Improved productivity
3
|
|
4 Page 4 |
▲back to top |
QUESTION 2: TRUE or FALSE
[S]
Write TRUE OR FALSEanswer in the answer book provided
2.1 Risk mitigation is equivalent to implementing a number of IT controls.
[1]
2.2 Enterprise managers are not responsible for implementing and managing internal control
processes.
[1]
2.3. COBIT is a framework of best practices for delivering IT services.
[1]
2.4. Strategic fit recognizes that the IT strategy should be articulated in terms of an external
domain only.
[1]
2.5. ISO is simply how IT teams manage the end-to-end delivery of IT services to customers.
[1]
QUESTION 3: STUCTURED QUESTION
[50]
3.1 Discuss the significance of Enterprise Governance IT?
[5]
3.2 What relationship exist between EGIT,alignment, and value creation?
[5]
3.3 ITIL is a framework of best practices for delivering IT services. Expanding on this answer
the question
a) What is ITIL stands for?
[1]
b) How can ITIL improve my company's business performance?
[5]
3.3 Explain the four objectives of IT Governance
[8]
3.4 GRCis an increasingly recognized term that reflects a new way in which enterprises today
are adopting an integrated approach to these aspects of their business. What does GRC
stand for and define each concept of GRC?
[6]
3.5 Information is a key resource for all enterprises. What benefits do information and
technology bring to enterprises?
[5]
3.6 An enterprise unit or process has good internal controls if it
[5]
4
|
|
5 Page 5 |
▲back to top |
3.7 The COBIT5 process reference model subdivides the IT-related practices and activities of
the enterprise into two main areas-governance and management-with management
further divided into domains of processes. The GOVERNANCE domain contains five
governance processes; within each process, evaluate, direct, and monitor (EDM) practices are
defined. List these processes:
[5]
QUESTION 4: ESSAYWRITING
[35]
4.1 Write an essay to inspire a first year student who registered, as to why Informatics is
important, base your argument on the benefits of doing Information systems strategy and
governance and the graduate attributes you are taking with you to the industry. Pick one
topic to expand on why ISG is important for students and IT Governance experts? [20]
4.2 One of the topics of interest is Governance, Risk management, and compliance. As you
have opted to specialise in Risk Management, you have realised that a strong set of
enterprise-wide GRC principles and components is necessary, and an effective risk
management program is a key component of enterprise GRC principles. Use a diagram
to describe the four interconnected steps in effective enterprise risk management GRC
processes?
[15]
-END OF EXAMS-
5