COBIT 2019 Foundation — Question 76

When designing an IT governance system, the NEXT step after considering the enterprise's strategic business objectives is to assess:

Answer options

• A. the enterprise's risk profile.
• B. the IT implementation method.
• C. the role of IT within the enterprise.

Correct answer: A

Explanation

The correct answer is A because assessing the enterprise's risk profile is essential to understand potential vulnerabilities and threats that could impact the business. Options B and C, while important, come after understanding the risks, as they are more focused on implementation and the positioning of IT rather than the foundational risk assessment.