The Open Group TOGAF Enterprise Architecture Combined Part 1 and Part 2 Sample Questions:

1. Scenario
You are working as an Enterprise Architect within an Enterprise Architecture (EA) team at a large government agency. The agency has multiple divisions.
The agency has a well-established EA practice and follows the TOGAF standard as its method for architecture development. Along with the EA program, the agency also uses various management frameworks, including business planning, project/portfolio management, and operations management. The EA program is sponsored by the Chief Information Officer (CIO), who has actively promoted architecting with agility within the EA department as her preferred approach for projects.
The government has mandated that the agency prepare themselves for an Artificial Intelligence (AI)-first world, which they have called their "AI-first" plan. As a result, the agency is looking to determine the impact and role that AI will play moving forward. The CIO has approved a Request for Architecture Work to look at how AI can be used for services across the agency. She has noted that digital platforms will be a priority for investment in order to scale the AI applications planned. Using AI to automate tasks and make things run smoother is seen as a big advantage. Process automation and improved efficiency from manual, repetitive activities have been identified as the key benefits of applying generative AI to their agency's business. This will include back-office automation, for example, for help center agents who receive hundreds of email inquiries. This should also improve services for citizens by making them more efficient and personalized, tailored to each individual's needs.
Many of the agency leaders are worried about relying too much on AI. Some leaders think their employees will need to learn new skills. Some employees are worried they might lose their jobs to AI. Other leaders worry about security and cyber resilience in the digital platforms needed for AI to be successful.
The leader of the Enterprise Architecture team has asked for your suggestions on how to address the concerns, and how to manage the risks of a new architecture for the AI-first project.
Based on the TOGAF standard, which of the following is the best answer?

A) You recommend that the key stakeholders be formally identified. This should include those who will be most helpful for the change to be successful. A Communication Plan should be made to address their needs. This plan should include a report that summarizes the key features of the architecture based on stakeholder requirements and addressing concerns. You communicate with each key stakeholder to make sure their concerns are being addressed. You make sure that the architecture being developed clearly addresses risk management.
B) You recommend conducting an analysis of the stakeholders. This involves documenting the positions, concerns, issues, and cultural factors of each group. This information will shape how the architecture is to be presented and communicated. The concerns and relevant views can then be defined for each group and recorded in the Architecture Vision document. The requirements for addressing risk should be recorded in the Architecture Requirements Specification and checked through regular assessments and feedback.
C) You recommend creating an Organization Map to display the links between different parts of the agency. This will help the EA team to find and involve all areas of the agency impacted by this strategic change. Multiple business models should then be created that can be applied to AI-related projects. A meeting will be held with the stakeholders to teach them how to interpret the models and see how their concerns are being addressed. Risk will be managed as part of the Security Architecture development.
D) You recommend conducting an analysis that separates the different types of stakeholders into groups.They can be divided into categories: corporate functions, end-user organization, project team, external vendors, and external partners. A model will be developed for each stakeholder category to ensure that all the necessary information and actions are taken into account. Meetings will be arranged with stakeholders to verify that their concerns have been adequately addressed. Risk management will be included in this process.

2. Which of the following describes the concept of an Enterprise Architecture Capability?

A) The ability to distinguish between different types of architectural assets that exist at different levels of abstraction in the enterprise.
B) The ability to strike a balance between positive and negative outcomes resulting from the realization of opportunities.
C) The ability to develop, use, and sustain the architecture of a particular enterprise using architecture to govern change.
D) The ability to follow general rules and guidelines that relate to Enterprise Architecture work and that enable decision-making.

3. Please read this scenario prior to answering the question
You have been appointed as Chief Enterprise Architect (CEA). reporting to the Chief Technical Officer (CTO), of a company established as a separate operating entity by a major automotive manufacturer. The mission of the company is to build a new industry leading unified technology and software platform for electric vehicles.
The company uses the TOGAF Standard as the basis for its Enterprise Architecture (EA) framework, and architecture development follows the purpose-based EA Capability model as described in the TOGAF Series Guide: A Practitioners'Approach to Developing Enterprise Architecture Following the TOGAF ADM.
An end-to-end Target Architecture has been completed with a roadmap for change over a five-year period.
The new platform will be a cross-functional effort between hardware and software teams, with significant changes over the old platform. It is expected to be developed in several stages over three years. The EA team has inherited the architecture for the previous generation hardware and software automotive platform, some of which can be carried over to the new unified platform. The EA team has started to define the new platform, including defining which parts of the architecture to carry forward.
Enough of the Business Architecture has been defined, so that work can commence on the Information Systems and Technology Architectures. Those need to be defined to support the core business services that the company plans to provide. The core services will feature an innovative approach with swarm data generated by vehicles, paving the way for autonomous driving in the future.
The presentation and access to different variations of data that the company plans to offer through its platform pose an architecture challenge. The application portfolio and supporting infrastructure need to interact with various existing cloud services and data- Refer to the scenario You have been asked what approach should be taken to determine and organize the work to deliver the requested architectures?
Based on the TOGAF standard which of the following is the best answer?

A) You would refer to the end-to-end Target Architecture for guidance and direction. The first objective should be to identify projects, dependencies and synergies, then prioritize before initiating the projects.
You will develop high-level architecture descriptions. For each project you would estimate effort size, identify reference architectures, and candidate building blocks. You will identify the resource needs considering cost and value. You will document options, risks, and controls to enable viability analysis and trade-off with the stakeholders.
B) You will revisit ADM Phase A. identifying the stakeholders and creating a new Architecture Vision.
You will update the Stakeholder map produced for the strategic architecture so it reflects the stakeholders who are now the most relevant to the projects that are to be developed. You would then ask the CTO to make some decisions about the Architecture Roadmap, and update the Implementation and Migration Plan to reflect the decisions.
C) You would look outside the enterprise to research data models and application portfolios of leading big data businesses. You would develop just enough applications, data, and technology architecture to identify options. For each project this should include identification of candidate architecture and solution building blocks. You will identify solution providers, perform a readiness assessment, and assess the viability and fitness of the solution options. You will then document the draft Implementation and Migration plan.
D) You will research leading data businesses, developing high-level Target Data, Application and Technology Architectures. You would review the Architecture Vision in order to estimate the level of detail, time, and breadth of the ADM cycle phases that will be needed to develop the architecture. You will identify and cost major work packages, and then develop an Architecture Roadmap. You would then seek approval by the Architecture Board and initiate the project.

4. Please read this scenario prior to answering the question
Your role is that of a senior architect, reporting to the Chief Enterprise Architect, at a medium-sized company with 400 employees. The nature of the business is such that the data and the information stored on the company systems is their major asset and is highly confidential.
The company employees travel extensively for work and must communicate over public infrastructure using message encryption, VPNs, and other standard safeguards. The company has invested in cybersecurity awareness training for all its staff. However, it is recognized that even with good education as well as system security, there is a dependency on third-parly suppliers of infrastructure and software.
The company uses the TOGAF standard as the method and guiding framework for its Enterprise Architecture (EA) practice. The CTO is the sponsor of the activity.
The Chief Security Officer (CSO) has noted an increase in ransomware (malicious software used in ransom demands) attacks on companies with a similar profile. The CSO recognizes that no matter how much is spent on education, and support, it is likely just a matter of time before the company suffers a significant attack that could completely lock them out of their information assets.
A risk assessment has been done and the company has sought cyber insurance that includes ransomware coverage. The quotation for this insurance is hugely expensive. The CTO has recently read a survey that stated that one in four organizations paying ransoms were still unable to recover their data, while nearly as many were able to recover the data without paying a ransom. The CTO has concluded that taking out cyber insurance in case they need to pay a ransom is not an option.
Refer to the scenario
You have been asked to describe the steps you would take to improve the resilience of the current architecture?
Based on the TOGAF standard which of the following is the best answer?

A) You would determine business continuity requirements, and undertake a gap analysis of the current Enterprise Architecture. You would make recommendations for change requirements to address the situation and create a change request. You would manage a meeting of the Architecture Board to assess and approve the change request. Once approved you would produce a new Request for Architecture Work to activate an ADM cycle to carry out a project to define the change.
B) You would monitor for technology changes from your existing suppliers that could improve resilience.
You would prepare and run a disaster recovery planning exercise for a ransomware attack and analyze the performance of the current Enterprise Architecture. Using the findings, you would prepare a gap analysis of the current Enterprise Architecture. You would prepare change requests to address identified gaps. You would add the changes implemented to the Architecture Repository.
C) You would request an Architecture Compliance Review with the scope to examine the company's resilience to ransomware attacks. You would identify the departments involved and have them nominate representatives. You would then tailor checklists to address the requirement for increased resilience. You would circulate to the nominated representatives for them to complete. You would then review the completed checklists, identifying and resolving issues. You would then determine and present your recommendations.
D) You would ensure that the company has in place up-to-date processes for managing change to the current Enterprise Architecture. Based on the scope of the concerns raised you recommend that this be managed at the infrastructure level. Changes should be made to the baselinedescription of the Technology Architecture. The changes should be approved by the Architecture Board and implemented by change management techniques.

5. Complete the sentence. The "Statement" part of the recommended TOGAF template for Architecture Principles:

A) should communicate the fundamental rule
B) should be easy to remember
C) should highlight the business benefits
D) should highlight the requirements for carrying out the principle

Solutions: