OGEA-102 Exam Dumps - The Open Group Enterprise Architecture Questions and Answers

Question # 4

Scenario

Your role is that of an Enterprise Architect, reporting to the Chief Enterprise Architect, at a technology company.

The company uses the TOGAF standard as the method and guiding framework for its Enterprise Architecture (EA) practice. The Chief Technology Officer (CTO) is the sponsor of the activity. The EA practice uses an iterative approach for its architecture development. This has enabled the decision-makers to gain valuable insights into the different aspects of the business.

The nature of the business is such that the data and the information stored on the company systems is the company’s major asset and is highly confidential. The company employees travel a lot for work and need to communicate over public infrastructure. They use message encryption, secure internet connections using Virtual Private Networks (VPNs), and other standard security measures. The company has provided computer security awareness training for all its staff. However, despite good education and system security, there is still a need to rely on third-party suppliers for infrastructure and software.

The Chief Security Officer (CSO) has noted an increase in ransomware (malicious software used in ransom demands) attacks on companies with a similar profile. The CSO recognizes that no matter how much is spent on education and support, the company could be a victim of a significant attack that could completely lock them out of their important data.

A risk assessment has been completed, and the company has looked for cyber insurance that covers ransomware. The price for this insurance is very high. The CTO recently saw a survey that said 1 out of 4 businesses that paid ransoms could not get their data back, and almost thesame number were able to recover the data without paying. The CTO has decided not to get cyber insurance to cover ransom payment.

You have been asked to describe the steps you would take to strengthen the current architecture to improve data protection.

Based on the TOGAF standard, which of the following is the best answer?

Options:

You would ensure that the company has in place up-to-date processes for managing change to the current Enterprise Architecture. Based on the scope of the concerns raised, you recommend that this be managed at the infrastructure level. Changes should be made to the baseline description of the Technology Architecture. The changes should be approved by the Architecture Board and implemented by change management techniques.

You would request an Architecture Compliance Review with the scope to examine the company’s ability to respond to ransomware attacks. You would identify the departments involved and have them nominate representatives. You would then tailor checklists to address the requirement for increased resilience. You would circulate to the nominated representatives for them to complete. You would then review the completed checklists, identifying and r

You would monitor for technology updates from your existing suppliers that could enhance the company’s capabilities to detect, react, and recover from an IT security incident. You would prepare and run a disaster recovery planning exercise for a ransomware attack and analyze the performance of the current Enterprise Architecture. Using the findings, you would prepare a gap analysis of the current Enterprise Architecture. You would prepare c

You would assess business continuity requirements and analyze the current Enterprise Architecture for gaps. You would recommend changes to address the situation and create a change request. You would engage the Architecture Board to assess and approve the change request. Once approved, you would create a new Request for Architecture Work to begin an ADM cycle to implement the changes.

Buy Now

Answer:

Explanation:

Comprehensive and Detailed Step-by-Step Explanation

Context of the Scenario

The scenario highlights significant risks due to ransomware attacks and the need to strengthen the company’s Enterprise Architecture to improve data protection and resilience. TOGAF emphasizes the Architecture Compliance Review as a mechanism for ensuring the architecturemeets its objectives and addresses specific concerns such as security, resilience, and compliance with organizational goals.

The organization has already conducted a risk assessment but requires actionable steps to:

Address ransomware attack risks.

Increase the resilience of the Technology Architecture.

Ensure proper alignment with governance and compliance frameworks.

Option Analysis

Option A:

Strengths:

Highlights the need for up-to-date processes for managing changes in the Enterprise Architecture.

Recognizes the importance of governance through the Architecture Board and change management techniques.

Weaknesses:

The approach focuses solely on the Technology Architecture baseline but does not address the need for specific steps such as compliance review, gap analysis, or tailored resilience measures for ransomware risks.

It provides a broad and generic approach rather than a targeted plan for ransomware and data protection issues.

Conclusion: Incorrect. While it adheres to governance processes, it lacks specific actions to improve resilience and address the immediate security concerns.

Option B:

Strengths:

Proposes an Architecture Compliance Review, which is a core TOGAF process used to evaluate architecture implementation against defined objectives, ensuring it is fit for purpose.

Involves identifying stakeholders (departments) and tailoring checklists specific to ransomware resilience.

Emphasizes issue identification and resolution through structured review processes.

Weaknesses:

Does not explicitly address longer-term updates to the Enterprise Architecture, but this can be inferred as a next step following compliance recommendations.

Conclusion: Correct. This is the most suitable approach based on TOGAF principles, as it uses an established process to evaluate and improve the architecture ' s resilience.

Option C:

Strengths:

Includes monitoring for updates from suppliers to enhance detection and recovery capabilities, which is relevant to addressing ransomware risks.

Proposes a gap analysis to identify shortcomings in the current Enterprise Architecture and recommends addressing gaps through change requests.

Incorporates disaster recovery planning exercises, which are useful for testing resilience.

Weaknesses:

While thorough, the approach lacks the Architecture Compliance Review process, which is a more structured way to ensure the architecture meets resilience requirements.

Monitoring suppliers and running disaster recovery exercises are operational steps rather than strategic architectural improvements.

Conclusion: Incorrect. While it includes valid activities, it does not adhere to TOGAF’s structured approach for architecture assessment and compliance.

Option D:

Strengths:

Proposes analyzing business continuity requirements and assessing the architecture for gaps, which is relevant to the scenario.

Suggests initiating an ADM cycle to address gaps, which aligns with TOGAF principles.

Weaknesses:

Focusing on initiating a new ADM cycle may be premature, as the immediate priority is to evaluate the existing architecture and address specific resilience concerns.

Does not mention compliance review or tailored resilience measures for ransomware attacks, which are central to the scenario.

Conclusion: Incorrect. It proposes a broader approach that may not adequately address the immediate concerns highlighted by the CSO.

TOGAF References

Architecture Compliance Review: A structured process used to evaluate whether an architecture meets the stated goals, objectives, and requirements (TOGAF 9.2, Chapter 19). It is particularly useful for identifying and addressing resilience requirements in scenarios involving security risks.

Stakeholder Engagement: Identifying and involving stakeholders (e.g., departments) is a critical part of architecture governance and compliance review (TOGAF 9.2, Section 24.2).

Change Management: The Architecture Compliance Review supports identifying necessary changes, which are then managed through governance and change management processes (TOGAF 9.2, Section 21.6).

By choosing Option B, you align with TOGAF’s structured approach to compliance, resilience, and addressing security concerns.

Question # 5

Scenario:

You are working as an Enterprise Architect at a large company. The company runs a chain of home improvement stores, as well as a website for selling products. The website lets many brands work with the company.

The stores open seven days a week and use a standard method to track sales and inventory. This involves sending accurate and timely sales data to a central inventory management system that can predict demand, adjust stock levels, and automate reordering. The website is supported by regional fulfillment centers and also uses the central inventory management system. The central inventory management system is housed at the company’s central data center.

The company has agreed to merge with a major competitor. The leadership teams of both organizations have said they are committed to a smooth transition for customers. All stores will keep their own brand names. They will combine the systems of the organizations, which includes merging retail operations and systems. Duplicated systems will be replaced with one standard retail management system. Additionally, they will reduce the number of applications being used. The CIO expects that these changes will lead to substantial cost savings for the newly merged company.

An enterprise plan for both organizations has been created. The aim is to set priorities for the transition, especially in terms of information management and application development. It is crucial to make decisions that will create long-term value.

The company has a mature Enterprise Architecture (EA) practice and uses the TOGAF standard for its architecture development method. The EA program is sponsored by the Chief Information Officer (CIO).

The Request for Architecture Work to oversee the transition has been approved. The project has been scoped, and you have been assigned to work on it.

You have been asked to confirm the most relevant architecture principles for the transition.

Based on the TOGAF Standard, which of the following is the best answer?

Options:

Control Technical Diversity, Interoperability, Data is an Asset, Data is Shared, Business Continuity

Service Orientation, Compliance with the Law, Requirements Based Change, Responsive Change Management, Data Security

Common Use Applications, Data is an Asset, Common Vocabulary and Data Definitions, Maximize Benefit to the Enterprise, Business Continuity

Ease of Use, Common Use Applications, Data is an Asset, Technology Independence, Business Continuity

Buy Now

Answer:

Explanation:

The correct answer is C, as it aligns with the key TOGAF principles necessary for guiding enterprise architecture in a merger scenario where retail operations and systems are being consolidated.

Analysis of the Principles in Option C:

Common Use Applications

Since the two companies are merging, it is essential to standardize applications across the enterprise.

Using common applications ensures consistency, reduces costs, and improves efficiency.

TOGAF emphasizes this principle to prevent duplicate or redundant systems, which aligns with the CIO’s goal of reducing the number of applications used.

Data is an Asset

In the scenario, a central inventory management system is a core business function.

Treating data as an asset ensures it is managed properly, shared efficiently, and used strategically across the merged organization.

This principle supports the company’s ability to predict demand, adjust stock levels, and automate reordering.

Common Vocabulary and Data Definitions

The merger requires integrating different systems and data structures.

Having a common vocabulary ensures that all stakeholders (stores, fulfillment centers, and digital platforms) use consistent terminology and data definitions.

This minimizes confusion and ensures interoperability across business functions.

Maximize Benefit to the Enterprise

Every architectural decision should focus on the overall benefit to the business.

By consolidating IT systems and reducing redundancies, the company achieves cost savings, which directly supports this principle.

Business Continuity

The stores operate seven days a week, so system changes must ensure uninterrupted service.

Business continuity ensures that customers are not affected during the transition and that critical retail operations (sales, inventory tracking, and fulfillment) remain functional.

Why Other Options Are Incorrect?

Option A: Control Technical Diversity, Interoperability, Data is an Asset, Data is Shared, Business Continuity

Control Technical Diversity is not the primary concern here. The focus is on system consolidation, not necessarily on limiting technology diversity.

Interoperability is important but not as critical as defining a common system and data structure.

Option B: Service Orientation, Compliance with the Law, Requirements-Based Change, Responsive Change Management, Data Security

While service orientation and compliance are valuable, they are not the most relevant to this specific business transition.

Change management and data security are important but do not address the primary enterprise-wide architectural concerns of system consolidation.

Option D: Ease of Use, Common Use Applications, Data is an Asset, Technology Independence, Business Continuity

Ease of Use is beneficial but is not a core architecture principle in this case.

Technology Independence is useful but does not align directly with the scenario’s priority, which is consolidating applications and data structures.

[References:, TOGAF Standard, ADM Techniques, Architecture Principles (Section 2.6), TOGAF Standard, Part III: ADM Guidelines and Techniques, TOGAF Enterprise Architecture Principles – The Open Group, , , , , , , ]

Question # 6

Please read this scenario prior to answering the question

You are the Chief Enterprise Architect at a large food service company specializing in sales to trade and

wholesale, for example, restaurants and other food retailers.

One of your company ' s competitors has launched a revolutionary product range and is running a very

aggressive marketing campaign. Your company ' s resellers are successively announcing that they are not

interested in your company ' s products and will sell your competitor ' s.

The CEO has stated there must be significant change to address the situation. He has made it clear that

new markets must be found for the company ' s products, and that the business needs to pivot, and address the retail market as well as the existing wholesale market.

A consideration is the company ' s ability and willingness to change its business model, and if it is a temporary or permanent change. An additional risk factor is one of culture. The company has been used to a stable business with a reasonably well known and settled client base - all with its own local understandings and practices.

The CEO is the sponsor of the EA program within the company. You have been engaged with the sales,

logistics, production, and marketing teams, enabling the architecture activity to start. An Architecture Vision, Architecture Principles, and Requirements have all been agreed. As you move forward to develop a possible Target Architecture you have identified that some of the key stakeholders ' preferences are incompatible. The incompatibilities are focused primarily on time-to-market, cost savings, and the need to bring out a fully featured product range, but there are additional factors.

Refer to the scenario

You have been asked how you will address the incompatibilities between key stakeholder preferences.

Based on the TOGAF standard which of the following is the best answer?

Options:

You would seek to understand value preferences and priorities of the stakeholders. You woulddevelop alternative Target Architectures, highlighting the gaps between current state and thealternatives. You would consider combining features from one or more alternatives in collaborationwith the stakeholders. A formal stakeholder review should then be held to decide which alternative isfit for purpose and should be moved forward with. You will t

You recommend that since the CEO has stated that the company must pivot, it is better tocompromise on a full product range rather than time-to-market. You would develop just enough of theTarget Architecture to demonstrate fitness of the proposed approach. You would limit the descriptionto just where there is a gap between the current baseline. You would seek approval by thestakeholders to move forward with developing the Target Architecture

You would use the Architecture Vision, Principles, and Requirements to define a set of criteria foralternatives and create a set of architecture views to illustrate the impact of the alternative TargetArchitectures. You would identify the impact on planned projects. You would understand the strengthsand weaknesses of the alternatives. You would conduct a formal stakeholder review to decide whichalternative to move forward with. You will de

You would review the Stakeholder Map and ensure that you have addressed and represented theconcerns of all department heads. You will involve them in resolving the incompatibilities. TheCommunications Plan should include a report that summarizes the key features of the architecturewith and how incompatibilities were resolved to reflects the stakeholders ' requirements. You willcheck with each key stakeholder they are satisfied with how the

Buy Now

Question # 7

Please read this scenario prior to answering the question

You are serving as the Lead Architect for an Enterprise Architecture team within a leading multinational biotechnology company. The company works in three major industries, including healthcare, crop production, and agriculture. Your team works within the healthcare division.

The healthcare division is developing a new vaccine, and has to demonstrate its effectiveness and safety in a set of clinical trials that satisfy the regulatory requirements of the relevant health authorities. The clinical trials are undertaken by its research laboratories at multiple facilities worldwide. In addition to internal research and development activities, the healthcare division is also involved in publicly funded collaborative research projects with industrial and academic partners.

The Enterprise Architecture team has been engaged in an architecture project to develop a secure system that will allow the healthcare researchers to share information more easily about their clinical trials, and work more collaboratively across the organization and also with its partners. This system will also connect with external partners.

The Enterprise Architecture team uses the TOGAF ADM with extensions required to support healthcare manufacturing practices and laboratory practices. Due to the highly sensitive nature of the information that is managed, special care has been taken to ensure that each architecture domain considers the security and privacy issues that are relevant.

The Vice President for Worldwide Clinical Research is the sponsor of the Enterprise Architecture activity. She has stated that disruptions must be minimized for the clinical trials, and that the rollout must be undertaken incrementally.

Refer to the scenario

You have been asked to recommend the approach to identify the work packages for an incremental rollout meeting the requirements.

Based on the TOGAF standard which of the following is the best answer?

Options:

You recommend that the Solution Building Blocks from a Consolidated Gaps, Solutions and Dependencies Matrix be grouped into a set of work packages. Using the matrix as a planning tool, regroup the work packages to account for dependencies. Sequence the work packages into the Capability Increments needed to achieve the Target Architecture, so that the implementation team can schedule the rollout one region at a time to minimize disruption. D

You recommend that a Consolidated Gaps. Solutions and Dependencies Matrix is used as a planning tool for creating work packages. For each gap classify whether the solution is either a new development, purchased solution, or based on an existing product. Group the similar solutions together to define the work packages. Regroup the work packages into a set of Capability Increments to transition to the Target Architecture considering the sched

You recommend that an Implementation Factor Catalog is drawn up to indicate actions and constraints. A Consolidated Gaps. Solutions and Dependencies Matrix should also be created. For each gap. identify a proposed solution and classify it as new development, purchased solution, or based on an existing product. Group similar activities together to form work packages. Identify dependencies between work packages factoring in the clinical trial

You recommend that the set of required Solution Building Blocks be determined by identifying those which need to be developed and which need to be procured. Eliminate any duplicates. Group the remaining Solution Building Blocks together to create the work packages using a CRUD (create, read, update, delete) matrix. Rank the work packages and select the most cost-effective options for inclusion in a series of Transition Architectures. Schedu

Buy Now

Answer:

Explanation:

A Consolidated Gaps, Solutions and Dependencies Matrix is a technique that can be used to create work packages for an incremental rollout of the architecture. A work package is a set of actions or tasks that are required to implement a specific part of the architecture. A work package can be associated with one or more Architecture Building Blocks (ABBs) or Solution Building Blocks (SBBs), which are reusable components of business, IT, or architectural capability. A work package can also be associated with one or more Capability Increments, which are defined, discrete portions of the overall capability that deliver business value. A Capability Increment can be realized by one or more Transition Architectures, which are intermediate states of the architecture that enable the transition from the Baseline Architecture to the Target Architecture123

The steps for creating work packages using this technique are:

For each gap between the Baseline Architecture and the Target Architecture, identify a proposed solution and classify it as new development, purchased solution, or based on an existing product. A gap is a difference or deficiency in the current state of the architecture that needs to be addressed by the future state of the architecture. A solution is a way of resolving a gap by implementing one or more ABBs or SBBs.

Group similar solutions together to define the work packages. Similar solutions are those that have common characteristics, such as functionality, technology, vendor, or location.

Identify dependencies between work packages, such as logical, temporal, or resource dependencies. Dependencies indicate the order or priority of the work packages, and the constraints or risks that may affect their implementation.

Regroup the work packages into a set of Capability Increments to transition to the Target Architecture. Capability Increments should be defined based on the business value, effort, and risk associated with each work package, and the schedule and objectives of the clinical trials. Capability Increments should also be aligned with the Architecture Vision and the Architecture Principles.

Document the work packages and the Capability Increments in an Architecture Definition Increments Table, which shows the mapping between the work packages, the ABBs, the SBBs, and the Capability Increments. The table also shows the dependencies, assumptions, and issues related to each work package and Capability Increment.

Therefore, the best answer is B, because it describes the approach to identify the work packages for an incremental rollout meeting the requirements, using the Consolidated Gaps, Solutions and Dependencies Matrix as a planning tool.

1: The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 30: Gap Analysis 2: The TOGAF Standard, Version 9.2, Part IV: Architecture Content Framework, Chapter 36: Building Blocks 3: The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 31: Architecture Change Management : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 23: Phase E: Opportunities and Solutions : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 21: Phase F: Migration Planning : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 18: Phase A: Architecture Vision : The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 23: Architecture Principles

Question # 8

Please read this scenario prior to answering the question

You have been appointed as Chief Enterprise Architect (CEA). reporting to the Chief Technical Officer (CTO), of a company established as a separate operating entity by a major automotive manufacturer. The mission of the company is to build a new industry leading unified technology and software platform for electric vehicles.

The company uses the TOGAF Standard as the basis for its Enterprise Architecture (EA) framework, and architecture development follows the purpose-based EA Capability model as described in the TOGAF Series Guide: A Practitioners ' Approach to Developing Enterprise Architecture Following the TOGAF® ADM.

An end-to-end Target Architecture has been completed with a roadmap for change over a five-year period. The new platform will be a cross-functional effort between hardware and software teams, with significant changes over the old platform. It is expected to be developed in several stages over three years. The EA team has inherited the architecture for the previous generation hardware and software automotive platform, some of which can be carried over to the new unified platform. The EA team has started to define the new platform, including defining which parts of the architecture to carry forward.

Enough of the Business Architecture has been defined, so that work can commence on the Information Systems and Technology Architectures. Those need to be defined to support the core business services that the company plans to provide. The core services will feature an innovative approach with swarm data generated by vehicles, paving the way for autonomous driving in the future.

The presentation and access to different variations of data that the company plans to offer through its platform pose an architecture challenge. The application portfolio and supporting infrastructure need to interact with various existing cloud services and data-

Refer to the scenario

You have been asked what approach should be taken to determine and organize the work to deliver the requested architectures?

Based on the TOGAF standard which of the following is the best answer?

Options:

You would look outside the enterprise to research data models and application portfolios of leading big data businesses. You would develop just enough applications, data, and technology architecture to identify options. For each project this should include identification of candidate architecture and solution building blocks. You will identify solution providers, perform a readiness assessment, and assess the viability and fitness of the so

You would refer to the end-to-end Target Architecture for guidance and direction. The first objective should be to identify projects, dependencies and synergies, then prioritize before initiating the projects. You will develop high-level architecture descriptions. For each project you would estimate effort size, identify reference architectures, and candidate building blocks. You will identify the resource needs considering cost and value.

You will revisit ADM Phase A. identifying the stakeholders and creating a new Architecture Vision. You will update the Stakeholder map produced for the strategic architecture so it reflects the stakeholders who are now the most relevant to the projects that are to be developed. You would then ask the CTO to make some decisions about the Architecture Roadmap, and update the Implementation and Migration Plan to reflect the decisions.

You will research leading data businesses, developing high-level Target Data, Application and Technology Architectures. You would review the Architecture Vision in order to estimate the level of detail, time, and breadth of the ADM cycle phases that will be needed to develop the architecture. You will identify and cost major work packages, and then develop an Architecture Roadmap. You would then seek approval by the Architecture Board and i

Buy Now

Answer:

Explanation:

The Target Architecture is a description of the future state of the architecture that addresses the business goals and drivers, and satisfies the stakeholder requirements and concerns. The Target Architecture is developed through the Architecture Development Method (ADM), which is the core process of the TOGAF standard that guides the development and management of the enterprise architecture. The Target Architecture is typically divided into four domains: Business, Data, Application, and Technology. The Target Architecture also includes a roadmap for change, which defines the Transition Architectures, the Capability Increments, and the work packages that enable the transition from the Baseline Architecture to the Target Architecture12

The best answer is B, because it describes the approach that should be taken to determine and organize the work to deliver the requested architectures, which are the Information Systems and Technology Architectures. The answer covers the following steps:

Refer to the end-to-end Target Architecture for guidance and direction. The end-to-end Target Architecture provides the overall vision, scope, and objectives of the architecture work, and the alignment with the business strategy and goals. The end-to-end Target Architecture also provides the high-level definitions and principles for the four architecture domains, and the roadmap for change that outlines the major milestones and deliverables.

Identify projects, dependencies and synergies, then prioritize before initiating the projects. Projects are the units of work that implement the architecture work packages, which are the sets of actions or tasks that are required to implement a specific part of the architecture. Dependencies are the relationships and constraints that affect the order or priority of the projects, such as logical, temporal, or resource dependencies. Synergies are the benefits or advantages that result from the combination or coordination of the projects, such as cost savings, efficiency gains, or innovation opportunities. Prioritization is the process of ranking the projects according to their importance, urgency, or value, and assigning resources and schedules accordingly.

Develop high-level architecture descriptions. High-level architecture descriptions are the outputs of the architecture development phases (B, C, and D) of the ADM cycle, which describe the Business, Data, Application, and Technology Architectures in terms of the Architecture Building Blocks (ABBs) and the Solution Building Blocks (SBBs), which are reusable components of business, IT, or architectural capability. High-level architecture descriptions also include the Architecture Views, which are representations of the system of interest from the perspective of one or more stakeholders and their concerns.

For each project, estimate effort size, identify reference architectures, and candidate building blocks. Effort size is the measure of the amount of work, time, or resources required to complete a project. Effort size can be estimated using various techniques, such as analogy, expert judgment, parametric, or bottom-up. Reference architectures are standardized architectures that provide a common framework and vocabulary for a specific domain or industry. Reference architectures can be used as a source of best practices, patterns, and models for the architecture development. Candidate building blocks are the potential ABBs or SBBs that can be used to implement the architecture. Candidate building blocks can be identified from the Architecture Repository, which is a collection of architecture assets, such as models, patterns, principles, standards, and guidelines.

Identify the resource needs considering cost and value. Resource needs are the specifications and criteria that define the acceptable level and quality of the resources required to complete the project, such as human, financial, physical, or technological resources. Resource needs can be identified by analyzing the scope, complexity, and dependencies of the project, and the availability, capability, and suitability of the resources. Cost and value are the factors that influence the allocation and utilization of the resources, such as the budget, the return on investment, the benefits, or the risks.

Document options, risks, and controls to enable viability analysis and trade-off with the stakeholders. Options are the alternative ways of achieving the project objectives, such as different solutions, technologies, vendors, or approaches. Risks are the effects of uncertainty on the project objectives, such as threats or opportunities. Controls are the measures or actions that are taken to prevent, reduce, or mitigate the risks, such as policies, procedures, or standards. Viability analysis is the process of evaluating and comparing the options, risks, and controls, and determining the feasibility, suitability, and desirability of each option. Trade-off is the decision outcome that balances and reconciles the multiple, often conflicting, requirements and concerns of the stakeholders, and ensures alignment with the Architecture Vision and the Architecture Principles.

1: The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 5: Introduction to the ADM 2: The TOGAF Standard, Version 9.2, Part IV: Architecture Content Framework, Chapter 36: Building Blocks : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 18: Phase A: Architecture Vision : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 19: Phase B: Business Architecture : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 20: Phase C: Information Systems Architectures : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 21: Phase F: Migration Planning : The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 23: Architecture Principles : The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 30: Trade-Off Analysis : The TOGAF Standard, Version 9.2, Part VI: Architecture Capability Framework, Chapter 46: Tools for Architecture Development : The TOGAF Standard, Version 9.2, Part VI: Architecture Capability Framework, Chapter 47: Architecture Board : The TOGAF Standard, Version 9.2, Part VI: Architecture Capability Framework, Chapter 48: Architecture Compliance : The TOGAF Standard, Version 9.2, Part VI: Architecture Capability Framework, Chapter 49: Architecture Contract : The TOGAF Standard, Version 9.2, Part VI: Architecture Capability Framework, Chapter 50: Architecture Governance : The TOGAF Standard, Version 9.2, Part VI: Architecture Capability Framework, Chapter 51: Architecture Maturity Models : The TOGAF Standard, Version 9.2, Part VI: Architecture Capability Framework, Chapter 52: Architecture Skills Framework

Question # 9

Please read this scenario prior to answering the question

Your role is that of a consultant to the Lead Enterprise Architect in a multinational automotive manufacturer.

The company has a corporate strategy that focuses on electrification of its portfolio, and it has invested

heavily in a new shared car platform to use across all its brands. The company has four manufacturing

facilities, one in North America, two in Europe, and one in Asia.

A challenge that the company is facing is to scale up the number of vehicles coming off the production line to meet customer demand, while maintaining quality. There are significant supply chain shortages for electronic components, which are impacting production. In response to this the company has taken on new suppliers and has also taken design and production of the battery pack in-house.

The company has a mature Enterprise Architecture practice. The TOGAF standard is used for developing

the process and systems used to design, manufacture, and test the battery pack. The Chief Information

Officer and the Chief Operating Officer co-sponsor the Enterprise Architecture program.

As part of putting the new battery pack into production, adjustments to the assembly processes need to be made. A pilot project has been completed at a single location. The Chief Engineer, sponsor of the activity, and the Architecture Board have approved the plan for implementation and migration at each plant.

Draft Architecture Contracts have been developed that detail the work needed to implement and deploy the new processes for each location. The company mixes internal teams with a few third-party contractors at the locations. The Chief Engineer has expressed concern that the deployment will not be consistent and of acceptable quality.

Refer to the scenario

The Lead Enterprise Architect has asked you to review the draft Architecture Contracts and recommend the best approach to address the Chief Engineer ' s concern.

Based on the TOGAF Standard, which of the following is the best answer?

Options:

For changes requested by an internal team, you recommend a memorandum of understandingbetween the Architecture Board and the implementation organization. For contracts issued to third-party contractors, you recommend that it is a fully enforceable legal contract. You recommend thatthe Architecture Board reviews all deviations from the Architecture Contract and considers whether togrant a dispensation to allow the implementation organization

For changes undertaken by internal teams, you recommend a memorandum of understandingbetween the Architecture Board and the implementation organization. If a contract is issued to acontractor, you recommend that it is a fully enforceable legal contract. If a deviation from theArchitecture Contract is found, you recommend that the Architecture Board grant a dispensation toallow the implementation organization to customize the process to meet

You review the contracts ensuring that they address project objectives, effectiveness metrics,acceptance criteria, and risk management. Third-party contracts must be legally enforceable. Yourecommend a schedule of compliance reviews at key points in the implementation process. Yourecommend that the Architecture Board reviews all deviations from the Architecture Contract andconsiders whether to grant a dispensation to allow the process to be

You recommend that the Architecture Contracts be used to manage the architecture governanceprocesses across the locations. You recommend deployment of monitoring tools to assess theperformance of each completed battery pack at each location and develop change requirements ifnecessary. If a deviation from the contract is detected, the Architecture Board should allow theArchitecture Contract to be modified meet the local needs. In such cases

Buy Now

Answer:

Explanation:

According to the TOGAF Standard, Version 9.2, an Architecture Contract is a joint agreement between development partners and sponsors on the deliverables, quality, and fitness-for-purpose of an architecture1. It defines the scope, responsibilities, and governance of the architecture work, and ensures the alignment and compliance of the architecture with the business goals and objectives1.

In the scenario, the Lead Enterprise Architect has asked you to review the draft Architecture Contracts and recommend the best approach to address the Chief Engineer’s concern about the consistency and quality of the deployment of the new processes for the battery pack production at each location.

The best answer is C, because it follows the guidelines and best practices for defining and using Architecture Contracts as described in the TOGAF Standard, Version 9.22. It ensures that the contracts cover the essential aspects of the project objectives, effectiveness metrics, acceptance criteria, and risk management, and that they are legally enforceable for third-party contractors. It also recommends a schedule of compliance reviews at key points in the implementation process, and a mechanism for handling any deviations from the Architecture Contract, involving the Architecture Board and the possibility of granting a dispensation to allow the process to be customized for local needs.

The other options are not correct because they either23:

A. For changes requested by an internal team, you recommend a memorandum of understanding between the Architecture Board and the implementation organization. For contracts issued to third-party contractors, you recommend that it is a fully enforceable legal contract. You recommend that the Architecture Board reviews all deviations from the Architecture Contract and considers whether to grant a dispensation to allow the implementation organization to customize the process to meet their local needs.: This option does not address the need to review the contracts to ensure that they address the project objectives, effectiveness metrics, acceptance criteria, and risk management. It also does not recommend a schedule of compliance reviews at key points in the implementation process. Moreover, it suggests that a memorandum of understanding is sufficient for internal teams, which may not be legally binding or enforceable.

B. For changes undertaken by internal teams, you recommend a memorandum of understanding between the Architecture Board and the implementation organization. If a contract is issued to a contractor, you recommend that it is a fully enforceable legal contract. If a deviation from the Architecture Contract is found, you recommend that the Architecture Board grant a dispensation to allow the implementation organization to customize the process to meet their local needs.: This option has the same problems as option A, and also implies that the Architecture Board should always grant a dispensation for any deviation, which may not be appropriate or desirable in some cases.

D. You recommend that the Architecture Contracts be used to manage the architecture governance processes across the locations. You recommend deployment of monitoring tools to assess the performance of each completed battery pack at each location and develop change requirements if necessary. If a deviation from the contract is detected, the Architecture Board should allow the Architecture Contract to be modified meet the local needs. In such cases they should issue a new Request for Architecture Work.: This option does not address the need to review the contracts to ensure that they address the project objectives, effectiveness metrics, acceptance criteria, and risk management. It also does not recommend a schedule of compliance reviews at key points in the implementation process. Moreover, it suggests that the Architecture Board should always allow the Architecture Contract to be modified for any deviation, which may not be appropriate or desirable in some cases. It also implies that a new Request for Architecture Work should be issued for each deviation, which may not be necessary or feasible.

1: The TOGAF Standard, Version 9.2, Chapter 3: Definitions and Terminology, Section 3.1: Terms and Definitions

2: The TOGAF Standard, Version 9.2, Chapter 43: Architecture Contracts

3: The TOGAF Standard, Version 9.2, Chapter 44: Architecture Governance

Question # 10

Scenario

You are working as an Enterprise Architect within an Enterprise Architecture (EA) team at a global company that sells consumer products. The company produces many products that buyers use and enjoy.

The company has announced a major change to its products that will occur over a four-year period. This change includes the introduction of digital products and services. An architecture to support this strategy has been finished, along with a roadmap for a set of projects to implement this significant change. This will be a cross-functional effort between the product design and software teams. It is planned to be developed in phases.

The company faces a challenge in presenting and providing access to different services through its products and digital platforms while ensuring compliance with data privacy laws. In some countries and regions, the data residency requirements mean that the company has to store certain data within the region where it is collected. As a result, the company’s application portfolio and infrastructure must connect with various cloud services and data repositories in different countries.

The EA team has inherited the architecture used by the current products, some of which can be carried over to the new products. The EA team has started to define which parts of the architecture to carry forward. Enough of the Business Architecture has been defined so that work can commence on the Information Systems and Technology Architectures. Those architectures need to be defined to support the key digital services that the company plans to provide.

The company uses the TOGAF Standard as the foundation for its Enterprise Architecture framework, and architecture development follows the purpose-based EA Capability model outlined in the TOGAF Series Guide: A Practitioner’s Approach to Developing Enterprise Architecture Following the TOGAF ADM. The EA team reports to the Chief Information Officer (CIO), who oversees the program.

You have been asked how to decide and organize the work to deliver the requested architectures.

Based on the TOGAF standard, which of the following is the best answer?

Options:

You refer to the superior architecture for guidance. You review the projects identified, their dependencies, and synergies, then decide the sequence for starting the projects. You develop high-level architecture descriptions. For each project, you determine how much work is needed, identify reference architectures, and candidate building blocks. You identify the resource needs taking into account cost and value. You document the different o

You look outside the company to study how other companies organize their data models and application portfolios. You create just enough architecture description for the Application, Data, and Technology Architectures to identify the different options. For each project, this includes identification of candidate architecture and solution building blocks. You then identify solution providers, perform a readiness assessment, and assess the viab

You research leading data companies, using your findings to help in developing high-level Target Data, Application, and Technology Architectures. You review the Architecture Vision to determine the level of detail, time, and scope of the ADM cycle phases required for each project. You identify and estimate the cost of the main resources. You then prepare an Architecture Roadmap and request the Architecture Board to review the roadmap. You t

You commence an iteration of ADM Phase A, identifying the stakeholders and revising the Architecture Vision. You perform a Stakeholder Analysis and update the Stakeholder Map. You conduct workshops and interviews to reflect the stakeholders who are now the key drivers for the digital products and services. You coordinate with the CIO to ensure alignment with the overall roadmap and update the Implementation and Migration Plan accordingly.

Buy Now

Answer:

Explanation:

Comprehensive and Detailed Step-by-Step Explanation

Context of the Scenario

The company is in the process of delivering requested architectures to support the introduction of digital products and services. The Business Architecture is sufficiently defined, and the focus is on developing the Information Systems and Technology Architectures.

TOGAF emphasizes breaking down large, complex transformation programs into manageable projects, focusing on dependencies, risks, trade-offs, and sequencing of efforts. Based on the scenario, the company must deal with:

Data privacy and residency compliance across different regions.

Re-use of existing architecture for efficiency.

Alignment of digital services with a global roadmap.

The activity described aligns with ADM Phases B (Business Architecture), C (Information Systems Architecture), and D (Technology Architecture), with a focus on delivering architectures for implementation.

Option Analysis

Option A:

Strengths:

Refers to developing high-level architecture descriptions and identifying reference architectures and candidate building blocks, which align with ADM Phases B, C, and D.

Addresses feasibility analysis, trade-offs, and stakeholder engagement, which are part of architecture development and decision-making in TOGAF.

Ensures that the architecture descriptions are resource-conscious, including cost and value analysis, dependencies, risks, and synergies between projects.

Conclusion: Correct, as it provides a complete approach to organizing the work to deliver architectures while adhering to TOGAF principles.

Option B:

Strengths:

Suggests creating architecture descriptions for the Application, Data, and Technology Architectures, which are necessary for delivering requested architectures.

Addresses readiness assessments and the fitness of solutions.

Weaknesses:

Emphasizes looking outside the company and studying other companies’ models, which is not necessarily aligned with TOGAF unless justified by specific gaps.

Skips essential TOGAF steps like feasibility analysis and detailed stakeholder engagement.

Conclusion: Incorrect, as it places undue emphasis on external research instead of leveraging TOGAF’s structured ADM.

Option C:

Strengths:

Suggests reviewing the Architecture Vision and determining scope, which aligns with TOGAF principles.

Proposes preparing an Architecture Roadmap and involving the Architecture Board for review.

Weaknesses:

Does not cover important elements such as candidate building blocks, feasibility analysis, or stakeholder engagement.

Suggests starting the project prematurely without proper sequencing or risk trade-offs.

Conclusion: Incorrect, as it skips key steps and lacks a structured approach to dependencies and resource management.

Option D:

Strengths:

Suggests revising the Architecture Vision and conducting a Stakeholder Analysis, which aligns with Phase A of the ADM.

Weaknesses:

Returning to Phase A is not required here, as the Architecture Vision has already been defined. Revising the vision at this stage indicates a step backward.

Lacks focus on feasibility analysis, dependencies, and sequencing, which are the immediate needs in this phase.

Conclusion: Incorrect, as it unnecessarily revisits earlier ADM phases instead of progressing.

TOGAF References

ADM Phases B, C, D: Emphasizes developing detailed architectures, identifying candidate building blocks, and addressing dependencies, risks, and resource needs (TOGAF 9.2, Chapters 8-10).

Architecture Roadmap and Feasibility Analysis: Guides sequencing and trade-offs for implementation (TOGAF 9.2, Section 12.4).

Stakeholder Engagement: Critical for ensuring alignment and feasibility (TOGAF 9.2, Section 24.2).

Decision-Making and Trade-offs: TOGAF emphasizes documenting risks and trade-offs as part of feasibility analysis (TOGAF 9.2, Section 6.4.1).

Question # 11

Scenario

You are working as an Enterprise Architect within an Enterprise Architecture (EA) team at a large government agency. The agency has multiple divisions.

The agency has a well-established EA practice and follows the TOGAF standard as its method for architecture development. Along with the EA program, the agency also uses various management frameworks, including business planning, project/portfolio management, and operations management. The EA program is sponsored by the Chief Information Officer (CIO), who has actively promoted architecting with agility within the EA department as her preferred approach for projects.

The government has mandated that the agency prepare themselves for an Artificial Intelligence (AI)-first world, which they have called their “AI-first” plan. As a result, the agency is looking to determine the impact and role that AI will play moving forward. The CIO has approved a Request for Architecture Work to look at how AI can be used for services across the agency. She has noted that digital platforms will be a priority for investment in order to scale the AI applications planned. Using AI to automate tasks and make things run smoother is seen as a big advantage. Process automation and improved efficiency from manual, repetitive activities have been identified as the key benefits of applying generative AI to their agency’s business. This will include back-office automation, for example, for help center agents who receive hundreds of email inquiries. This should also improve services for citizens by making them more efficient and personalized, tailored to each individual’s needs.

Many of the agency leaders are worried about relying too much on AI. Some leaders think their employees will need to learn new skills. Some employees are worried they might lose their jobs to AI. Other leaders worry about security and cyber resilience in the digital platforms needed for AI to be successful.

The leader of the Enterprise Architecture team has asked for your suggestions on how to address the concerns, and how to manage the risks of a new architecture for the AI-first project.

Based on the TOGAF standard, which of the following is the best answer?

Options:

You recommend creating an Organization Map to display the links between different parts of the agency. This will help the EA team to find and involve all areas of the agency impacted by this strategic change. Multiple business models should then be created that can be applied to AI-related projects. A meeting will be held with the stakeholders to teach them how to interpret the models and see how their concerns are being addressed. Risk wil

You recommend that the key stakeholders be formally identified. This should include those who will be most helpful for the change to be successful. A Communication Plan should be made to address their needs. This plan should include a report that summarizes the key features of the architecture based on stakeholder requirements and addressing concerns. You communicate with each key stakeholder to make sure their concerns are being addressed.

You recommend conducting an analysis of the stakeholders. This involves documenting the positions, concerns, issues, and cultural factors of each group. This information will shape how the architecture is to be presented and communicated. The concerns and relevant views can then be defined for each group and recorded in the Architecture Vision document. The requirements for addressing risk should be recorded in the Architecture Requirement

You recommend conducting an analysis that separates the different types of stakeholders into groups. They can be divided into categories: corporate functions, end-user organization, project team, external vendors, and external partners. A model will be developed for each stakeholder category to ensure that all the necessary information and actions are taken into account. Meetings will be arranged with stakeholders to verify that their conce

Buy Now

Answer:

Explanation:

Comprehensive and Detailed Step-by-Step Explanation

Context of the Scenario

The agency is initiating a strategic “AI-first” plan to transform processes using AI and improve efficiency while ensuring service improvements for citizens. Several stakeholder concerns have been raised, such as:

Job security for employees.

Skill development for adapting to new technologies.

Cybersecurity and resilience risks due to reliance on digital platforms.

TOGAF emphasizes the importance of stakeholder management, communication, and risk management to ensure successful adoption and implementation of new architecture. These concerns need to be addressed methodically by gathering requirements, analyzing stakeholder positions, and ensuring proper communication of risks and benefits.

Option Analysis

Option A:

Strengths:

Proposes creating an Organization Map to identify the links between different parts of the agency and the impact of the strategic change.

Suggests holding stakeholder meetings to address concerns.

Includes managing risks as part of Security Architecture development.

Weaknesses:

Focusing solely on creating business models and teaching stakeholders how to interpret them does not directly address cultural and positional concerns about job loss, skill development, and security.

Risk management is addressed as part of Security Architecture development but lacks broader integration into stakeholder requirements.

Conclusion: Incorrect, as it fails to systematically document stakeholder concerns and map them into requirements and architecture decisions.

Option B:

Strengths:

Highlights the importance of formal stakeholder identification and creating a Communication Plan.

Suggests addressing stakeholder concerns through communication and risk management.

Weaknesses:

Does not go into detail on analyzing stakeholder concerns, cultural positions, or specific requirements.

Lacks the inclusion of stakeholder feedback in architecture artifacts like the Architecture Vision or Requirements Specification, which are critical TOGAF outputs.

Conclusion: Incorrect, as it does not include a systematic and structured approach for stakeholder analysis and integration into architecture deliverables.

Option C:

Strengths:

Emphasizes conducting a thorough stakeholder analysis to document concerns, positions, and cultural factors, which aligns with TOGAF’s approach in Phase A (Architecture Vision).

Ensures stakeholder views and requirements are recorded in the Architecture Vision document and reflected in the Architecture Requirements Specification.

Includes continuous assessment and feedback, ensuring concerns are addressed and risks managed effectively.

Aligns with TOGAF ' s principle of involving stakeholders in architecture development to ensure alignment and success.

Weaknesses:

Could further detail how risk management is included across all phases, but this is implied through integration into the Architecture Requirements Specification.

Conclusion: Correct, as it provides a structured and detailed approach for addressing stakeholder concerns and managing risks within TOGAF’s framework.

Option D:

Strengths:

Suggests categorizing stakeholders into groups and creating models for each category.

Proposes arranging meetings to verify that concerns have been addressed.

Includes risk management as part of the process.

Weaknesses:

Dividing stakeholders into generic categories (e.g., corporate functions, project team) may not adequately capture specific cultural factors and concerns raised in the scenario.

Lacks integration of stakeholder feedback into architecture deliverables such as the Architecture Vision and Architecture Requirements Specification.

Conclusion: Incorrect, as it provides a generalized and less targeted approach to stakeholder concerns compared to Option C.

TOGAF References

Stakeholder Management (Phase A): TOGAF emphasizes analyzing stakeholders’ positions, concerns, and issues to shape architecture development and communication (TOGAF 9.2, Section 24.2).

Architecture Vision: Captures high-level requirements and stakeholder views to ensure alignment with business goals (TOGAF 9.2, Section 6.2).

Architecture Requirements Specification: Records detailed requirements, including those related to risk management, to guide the development of target architectures (TOGAF 9.2, Section 35.5).

Iterative Feedback: Regular assessments and feedback loops are critical to ensure stakeholder concerns are addressed effectively throughout the ADM cycle.

By selecting Option C, the approach adheres to TOGAF ' s principles of stakeholder analysis, communication, and integration of concerns into architecture development.

Question # 12

Scenario:

You are working as an Enterprise Architect within an Enterprise Architecture (EA) team at an electric vehicle manufacturer. The company produces electric cars and battery systems. The goal of the company is to build the best technology and software platform for electric vehicles.

The company has decided to introduce a major change to its vehicle design over a five-year period. This will be a cross-functional effort between hardware and software teams, delivering significant new features in the vehicles they manufacture. It is planned to be developed in phases.

An architecture to support strategy has been completed with a roadmap for a set of projects.

The EA team has inherited the architecture for the hardware and software automotive platform used by current vehicles, some of which can be carried over to the new vehicle design. The EA team has started to define which parts of the architecture to carry forward.

The presentation and access to different variations of data that the company plans to offer through its vehicles creates an architecture challenge. The application portfolio and supportinginfrastructure must connect with multiple cloud services and data repositories in different countries to be able to handle large-scale data.

Enough of the Business Architecture has been defined, so that work can commence on the Information Systems and Technology Architectures. These architectures need to be defined to support the primary business services that the company plans to provide. These services will manage and process the data created by vehicles, paving the way for self-driving vehicles in the future.

The company uses the TOGAF Standard as the basis for its Enterprise Architecture framework.

The EA team reports to the Chief Technical Officer (CTO), who is the sponsor of the EA program.

The CTO requires that the EA team follow the purpose-based EA Capability model as described in:

The TOGAF Series Guide: A Practitioners’ Approach to Developing Enterprise Architecture Following the TOGAF® ADM.

Refer to the scenario:

You have been asked how to decide and organize the work to deliver the requested architectures.

Based on the TOGAF standard, which of the following is the best answer?

Options:

You commence an iteration of ADM Phase A, identifying the stakeholders and revising the Architecture Vision. You perform a Stakeholder Analysis and update the Stakeholder Map created for the strategic architecture so it reflects the stakeholders who are now the most important to the projects that are to be developed. You then request the CTO to make some choices about the Architecture Roadmap and update the Implementation and Migration Pla

You research leading data companies, using your findings to help in developing high-level Target Data, Application, and Technology Architectures. You review the Architecture Vision to determine the level of detail, time, and scope of the ADM cycle phases required for architecture development for the project. You identify and estimate the cost of the main work packages. You then create an Architecture Roadmap and request the Architecture Boa

You look to the superior architecture to help plan your approach. You identify projects, dependencies, and synergies, then decide the order for starting the projects. You then develop high-level architecture descriptions. For each project, you determine how much work is needed, identify reference architectures, and candidate building blocks. You identify the resource needs taking into account cost and value. You document the different optio

You look outside the company to study how other companies organize their data models and application portfolios. You request just enough architecture description for the Application, Data, and Technology Architectures to identify different options. For each project, this includesidentifying architecture and solution building blocks. You then identify solution providers and perform a readiness assessment on the new approaches.

Buy Now

Answer:

Explanation:

The correct answer is C, as it aligns with the TOGAF ADM approach and best practices for organizing architecture work in a phased and structured manner.

Analysis of the Correct Answer (Option C):

Identifying Projects, Dependencies, and Synergies

The scenario describes a phased approach to vehicle development over five years.

Identifying dependencies ensures a logical and structured rollout of technology and business capabilities.

Developing High-Level Architecture Descriptions

Since Business Architecture is already defined, it is now time to develop high-level descriptions of Information Systems and Technology Architectures.

TOGAF emphasizes incremental and iterative refinement, meaning that starting with high-level descriptions is a logical first step.

Determining Workload and Resource Allocation

TOGAF ADM Phase B, C, and D involve creating architecture descriptions.

Understanding how much work is required ensures efficient resource planning and allocation.

Identifying Reference Architectures and Building Blocks

Using reference architectures and reusable architecture building blocks (ABBs) is a key best practice in TOGAF.

This enables efficiency and consistency in architecture development.

Evaluating Costs, Risks, and Feasibility

TOGAF emphasizes a risk-aware approach to enterprise architecture.

Documenting options, risks, and control measures ensures feasibility before execution.

Why Other Options Are Incorrect?

Option A: Initiating ADM Phase A Again

Incorrect because the scenario states that the Architecture Vision has already been completed.

Phase A is used for initial vision-setting, but at this point, the focus is on executing defined architectures.

Option B: Researching Data Companies for Target Architecture Development

Incorrect because the focus should be on defining internal architectures rather than external research.

While benchmarking best practices can be useful, it is not the primary activity at this stage.

Option D: Studying Other Companies and Performing Readiness Assessment

Incorrect because the focus should be on leveraging the organization ' s existing architecture and resources.

Solution provider readiness assessments are typically part of procurement, not enterprise architecture development.

[References:, TOGAF Standard, ADM Guidelines and Techniques, TOGAF Standard, ADM Phase B, C, and D – Developing the Architecture, The TOGAF Series Guide: A Practitioners’ Approach to Developing Enterprise Architecture Following the TOGAF® ADM, , , , , , ]

Question # 13

Please read this scenario prior to answering the question

You have been appointed as senior architect working for an autonomous driving technology development company. The mission of the company is to build an industry leading unified technology and software platform to support connected cars and autonomous driving.

The company uses the TOGAF Standard as the basis for its Enterprise Architecture (EA) framework. Architecture development within the company follows the purpose-based EA Capability model as described in the TOGAF Series Guide: A Practitioners ' Approach to Developing Enterprise Architecture Following the TOGAF® ADM.

An architecture to support strategy has been completed defining a long-range Target Architecture with a roadmap spanning five years. This has identified the need for a portfolio of projects over the next two years. The portfolio includes development of travel assistance systems using swarm data from vehicles on the road.

The current phase of architecture development is focused on the Business Architecture which needs to support the core travel assistance services that the company plans to provide. The core services will manage and process the swarm data generated by vehicles, paving the way for autonomous driving in the future.

The presentation and access to different variations of data that the company plans to offer through its platform poses an architecture challenge. The application portfolio needs to interact securely with various third-party cloud services, and V2X (Vehicle-to-Everything) service providers in many countries to be able to manage the data at scale. The security of V2X is a key concern for the stakeholders. Regulators have stated that the user ' s privacy be always protected, for example, so that the drivers ' journey cannot be tracked or reconstructed by compiling data sent or received by the car.

Refer to the scenario

You have been asked to describe the risk and security considerations you would include in the current phase of the architecture development?

Based on the TOGAF standard which of the following is the best answer?

Options:

You will focus on the relationship with the third parties required for the travel assistance systems and define a trust framework. This will describe the relationship with each party. Digital certificates are a key part of the framework and will be used to create trust between parties. You will monitor legal and regulatory changes across all the countries to keep the trust framework in compliance.

You will perform a qualitative risk assessment for the data assets exchanged with partners. This will deliver a set of priorities, high to medium to low, based on identified threats, the likelihood of occurrence, and the impact if it did occur. Using the priorities, you would then develop a Business Risk Model which will detail the risk strategy including classifications to determine what mitigation is enough.

You will focus on data quality as it is a key factor in risk management. You will identify the datasets that need to be safeguarded. For each dataset, you will assign ownership and responsibility for the quality of data needs. A security classification will be defined and applied to each dataset. The dataset owner will then be able to authorize processes that are trusted for a certain activity on the dataset under certain circumstances.

You will create a security domain model so that assets with the same level can be managed under one security policy. Since data is being shared across partners, you will establish a security federation to include them. This would include contractual arrangements, and a definition of the responsibility areas for the data exchanged, as well as security implications. You would undertake a risk assessment determining risks relevant to specific

Buy Now

Answer:

Explanation:

A security domain model is a technique that can be used to define the security requirements and policies for the architecture. A security domain is a grouping of assets that share a common level of security and trust. A security policy is a set of rules and procedures that govern the access and protection of the assets within a security domain. A security domain model can help to identify the security domains, the assets within each domain, the security policies for each domain, and the relationships and dependencies between the domains1

Since the data is being shared across partners, a security federation is needed to establish a trust relationship and a common security framework among the different parties. A security federation is a collection of security domains that have agreed to interoperate under a set of shared security policies and standards. A security federation can enable secure data exchange and collaboration across organizational boundaries, while preserving the autonomy and privacy of each party. A security federation requires contractual arrangements, and a definition of the responsibility areas for the data exchanged, as well as security implications2

A risk assessment is a process that identifies, analyzes, and evaluates the risks that may affect the architecture. A risk assessment can help to determine the likelihood and impact of the threats and vulnerabilities that may compromise the security and privacy of the data assets. A risk assessment can also help to prioritize and mitigate the risks, and to monitor and review the risk situation3

Therefore, the best answer is D, because it describes the risk and security considerations that would be included in the current phase of the architecture development, which is focused on the Business Architecture. The answer covers the security domain model, the security federation, and the risk assessment techniques that are relevant to the scenario.

1: The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 35: Security Architecture and the ADM 2: The TOGAF Standard, Version 9.2, Part IV: Architecture Content Framework, Chapter 38: Security Architecture 3: The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 32: Risk Management

Exam Code: OGEA-102

Exam Name: TOGAF Enterprise Architecture Part 2 Exam (English)

Last Update: Apr 11, 2026

Questions: 34

OGEA-102 PDF

$25.5 ~~$84.99~~

Add to Cart

OGEA-102 Testing Engine

$28.5 ~~$94.99~~

Add to Cart

OGEA-102 PDF + Testing Engine

$40.5 ~~$134.99~~

Add to Cart

Pre-Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

certsboard certification exams

Navigation:

OGEA-102 Exam Dumps - The Open Group Enterprise Architecture Questions and Answers

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

OGEA-102 PDF

OGEA-102 Testing Engine

OGEA-102 PDF + Testing Engine

Quick Links

Recently New Released Certification Exams

Site Secure