Certified Information Systems Auditor (CISA) — Question 747

Which of the following is the BEST way to help ensure new IT implementations align with enterprise architecture (EA) principles and requirements?

Answer options

• A. Consider stakeholder concerns when defining the EA.
• B. Conduct EA reviews as part of the change advisory board.
• C. Perform mandatory post-implementation reviews of IT implementations.
• D. Document the security view as part of the EA.

Correct answer: B

Explanation

Including EA evaluations as part of the change advisory board ensures that new IT implementations are reviewed in the context of established architecture principles before approval. While considering stakeholder concerns, conducting post-implementation reviews, and documenting the security view are all important practices, they do not directly integrate EA principles into the decision-making process for new projects as effectively as option B does.