OGEA-103 TOGAF Enterprise Architecture Combined Part 1 and Part 2 Exam Questions and Answers

According to the TOGAF Standard, Version 9.2, an Architecture Contract is a joint agreement between development partners and sponsors on the deliverables, quality, and fitness-for-purpose of an architecture1. It defines the scope, responsibilities, and governance of the architecturework, and ensures the alignment and compliance of the architecture with the business goals and objectives1.

In the scenario, the Lead Enterprise Architect has asked you to review the draft Architecture Contracts and recommend the best approach to address the Chief Engineer’s concern about the consistency and quality of the deployment of the new processes for the battery pack production at each location.

The best answer is C, because it follows the guidelines and best practices for defining and using Architecture Contracts as described in the TOGAF Standard, Version 9.22. It ensures that the contracts cover the essential aspects of the project objectives, effectiveness metrics, acceptance criteria, and risk management, and that they are legally enforceable for third-party contractors. It also recommends a schedule of compliance reviews at key points in the implementation process, and a mechanism for handling any deviations from the Architecture Contract, involving the Architecture Board and the possibility of granting a dispensation to allow the process to be customized for local needs.

The other options are not correct because they either23:

A. For changes requested by an internal team, you recommend a memorandum of understanding between the Architecture Board and the implementation organization. For contracts issued to third-party contractors, you recommend that it is a fully enforceable legal contract. You recommend that the Architecture Board reviews all deviations from the Architecture Contract and considers whether to grant a dispensation to allow the implementation organization to customize the process to meet their local needs.: This option does not address the need to review the contracts to ensure that they address the project objectives, effectiveness metrics, acceptance criteria, and risk management. It also does not recommend a schedule of compliance reviews at key points in the implementation process. Moreover, it suggests that a memorandum of understanding is sufficient for internal teams, which may not be legally binding or enforceable.

B. For changes undertaken by internal teams, you recommend a memorandum of understanding between the Architecture Board and the implementation organization. If a contract is issued to a contractor, you recommend that it is a fully enforceable legal contract. If a deviation from the Architecture Contract is found, you recommend that the Architecture Board grant a dispensation to allow the implementation organization to customize the process to meet their local needs.: This option has the same problems as option A, and also implies that the Architecture Board should always grant a dispensation for any deviation, which may not be appropriate or desirable in some cases.

D. You recommend that the Architecture Contracts be used to manage the architecture governance processes across the locations. You recommend deployment of monitoring tools to assess the performance of each completed battery pack at each location and develop change requirements if necessary. If a deviation from the contract is detected, the Architecture Board should allow the Architecture Contract to be modified meet the local needs. In such cases they should issue a new Request for Architecture Work.: This option does not address the need to review the contracts to ensure that they address the project objectives, effectiveness metrics,acceptance criteria, and risk management. It also does not recommend a schedule of compliance reviews at key points in the implementation process. Moreover, it suggests that the Architecture Board should always allow the Architecture Contract to be modified for any deviation, which may not be appropriate or desirable in some cases. It also implies that a new Request for Architecture Work should be issued for each deviation, which may not be necessary or feasible.

1: The TOGAF Standard, Version 9.2, Chapter 3: Definitions and Terminology, Section 3.1: Terms and Definitions

2: The TOGAF Standard, Version 9.2, Chapter 43: Architecture Contracts

3: The TOGAF Standard, Version 9.2, Chapter 44: Architecture Governance

In TOGAF, when an enterprise undergoes a significant strategic shift—particularly one initiated by executive leadership without a clearly defined scope, vision, or objectives—the correct starting point is always Phase A: Architecture Vision, and only after a formal Request for Architecture Work is created or updated. The scenario explicitly states that the CEO has approved a request for architecture change but has not defined scope, constraints, or direction. This aligns precisely with TOGAF guidance that Phase A must establish the high-level vision, stakeholder concerns, business drivers, and initial requirements before moving into the detailed architecture development phases (B, C, D).

Answer choice C reflects this: it requires producing a new Request for Architecture Work and developing a new Architecture Vision, which is the foundational step for any enterprise-wide transformational effort. TOGAF also requires application of the trade-off method to balance stakeholder needs in the Vision phase before detailed architectures are designed.

Choices A and D incorrectly assume architecture definition can begin without a clear approved vision. Choice B focuses solely on Technology Architecture, which contradicts TOGAF’s requirement that Business Architecture must lead the effort during major transformation.

Thus, the only answer compliant with TOGAF ADM is C.

According to the TOGAF standard, the two statements provided refer to different scopes within which architecture can be developed:

Groups of countries, governments, or governmental organizations working together typically align with broader, often international, scopes of architecture that transcend individual enterprise boundaries.

Partnerships and alliances of businesses working together, such as a consortium or supply chain, refer to collaborative efforts that can define architecture at a scope involving multiple enterprises.

In both cases, the term "Architectures Scopes" is appropriate because it reflects the varying levels and contexts in which architectures can be defined, ranging from single business units to collaborative inter-organizational efforts.

The best answer is C. You would hold a series of interviews at each of the manufacturing plants using the business scenarios technique. This will allow you to understand the systems and integrations with local partners. You would use stakeholder analysis to identify key players in the engagement, and to understand their concerns. You will then identify and document the key high-level stakeholder requirements for the architecture. You will then generate high level definitions of the baseline and target architectures.

This answer is based on the TOGAF standard, which recommends the following steps to initiate the architecture project1:

Establish the architecture project

Identify stakeholders, concerns, and business requirements

Confirm and elaborate business goals, business drivers, and constraints

Evaluate business capabilities

Assess readiness for business transformation

Define scope

Confirm and elaborate Architecture Principles, including business principles

Develop Architecture Vision

Define the Target Architecture value propositions and KPIs

Identify the business transformation risks and mitigation activities

Secure stakeholder and sponsor approval

The answer C covers most of these steps, by using the business scenarios technique to elicit and validate the business requirements, goals, drivers, and constraints, as well as the current and future states of the architecture2. The answer C also uses stakeholder analysis to identify and engage the key stakeholders, and to address their concerns and expectations3. The answer C also generates high level definitions of the baseline and target architectures, which can be used to develop the Architecture Vision and the value propositions4.

The other answers are not the best approach for architecture development, because:

Answer A focuses on researching vendor literature and conducting briefings with vendors, which is not the best way to understand the business needs and the current situation of the enterprise. Answer A also defines a preliminary Architecture Vision without involving the stakeholders or validating the requirements, which may lead to misalignment and lack of consensus.

Answer B conducts a pilot project that will enable vendors to demonstrate potential solutions, which is premature and costly at this stage of the architecture project. Answer B also does not address the stakeholder concerns or the current systems and integrations, which may result in gaps and risks. Answer B also develops the requirements after the pilot project, which may not reflect the actual business needs and goals.

Answer D develops baseline and target architectures for each of the manufacturing plants, which may not consider the enterprise-wide perspective and the potential benefits of a common ERP system. Answer D also does not involve the stakeholders or address their concerns, which may result in resistance and conflict. Answer D also does not define the business case or the performance metrics, which are essential for demonstrating the value and feasibility of the architecture.

1: The TOGAF Standard, Version 9.2 - Architecture Vision 2: The TOGAF Standard, Version 9.2 - Business Scenarios 3: [The TOGAF Standard, Version 9.2 - Stakeholder Management] 4: [The TOGAF Standard, Version 9.2 - Architecture Definition Document]

The four dimensions used to scope an architecture are Breadth, Depth, Time Period, and Architecture Domains1, p. 8.

Breadth refers to the extent of the enterprise covered by the architecture, which can range from a specific business unit to the entire organization1, p. 8.

Depth refers to the level of detail and completeness of the architecture, which can vary depending on the purpose, scope, and stakeholders of the architecture1, p. 8.

Time Period refers to the temporal aspects of the architecture, such as the current state, the target state, and the transition plan1, p. 8.

Architecture Domains refers to the classification of the architecture into four domains: Business, Data, Application, and Technology1, p. 8.

These four dimensions help define the scope and boundaries of the architecture and ensure that it meets the needs and expectations of the stakeholders.

1: The Open Group (2018). The TOGAF® Standard, Version 9.2. 1

Comprehensive and Detailed In-Depth Explanation from Expert in Enterprise Architecture, guiding in TOGAF and ArchiMate:

ADM Phase F (Migration Planning) focuses on finalizing the Architecture Roadmap and Implementation and Migration Plan and ensuring they are viable, cost-effective, and clearly understood by decision-makers.

Phase F key objectives include:

Finalizing the Architecture Roadmap

Finalizing the Implementation and Migration Plan

Ensuring costs, benefits, risks, and dependencies of work packages and Transition Architectures are understood

Gaining approval for implementation sequencing and priorities

Why Option A is correct:

Objective 3 directly states the finalization of the Architecture Roadmap and supporting Implementation and Migration Plan, which is a core Phase F responsibility.

Objective 4 aligns with Phase F’s requirement to ensure that business value, cost, and trade-offs are understood by stakeholders prior to implementation approval.

Why the other options are incorrect:

Objective 1 belongs primarily to Phase E (Opportunities and Solutions), where incremental delivery and Transition Architectures are identified.

Objective 2 also belongs to Phase E, where the initial complete Architecture Roadmap is generated from Phases B, C, and D outputs.

Authoritative TOGAF References:

TOGAF ADM Phase F – Migration Planning

TOGAF Architecture Roadmap and Implementation and Migration Plan

============

In the TOGAF Standard, a well-defined architecture principle must meet several quality criteria, such as understandability, robustness, completeness, and consistency. The criterion most closely associated with a principle being definitive, precise, and reliable under complex decision-making conditions is Robustness. TOGAF describes robustness as the characteristic that ensures the principle provides clear guidance even when applied across a variety of scenarios, stakeholder viewpoints, and architectural complexities. A robust principle remains valid and usable regardless of changes in context or external pressures.

Where other criteria focus on different aspects—such as Stability (long-term applicability), Completeness (covering all necessary aspects of the principle’s intent), and Consistency (avoiding conflict with other principles)—it is Robustness that specifically ensures a principle is sufficiently strong and precise to support consistent decisions in complex environments. This means a robust principle minimizes ambiguity, avoids subjective interpretation, and provides architects with a dependable rule that can be repeatedly applied across multiple architecture domains and transformation projects. By being robust, a principle becomes a dependable instrument for governance and architectural alignment at the enterprise level.

In this scenario, the enterprise is undergoing significant transformation due to a merger and the adoption of new technology (hand-held devices). Several key principles from TOGAF's ADM Techniques—particularly those focused on promoting enterprise-wide standardization, adaptability, and data utilization—are pertinent here:

Maximize Benefit to the Enterprise:This principle emphasizes that all architectural decisions should deliver maximum business value. Given that the company is integrating systems to cut costs and improve offerings, maximizing the benefit is crucial. Ensuring that the EA efforts align with enterprise-wide benefits supports the goal of optimizing costs and enhancing offerings, which aligns with the CEO’s vision for the merger.

Common Use Applications:Standardizing applications across the merged entity will be essential to achieve cost savings and to simplify operations. The goal of reducing the number of applications fits with this principle, ensuring that reusable and widely adopted applications support business functions across the organization. Adopting this principle will also aid in harmonizing the systems from both organizations and avoiding unnecessary diversity.

Data is an Asset:Data plays a central role in the company's operations, especially with the use of AI-driven inventory management and the integration of systems. Treating data as an asset is essential for reliable and accurate decision-making. This principle ensures that data is viewed as a critical enterprise resource and is managed with care, maintaining integrity, accuracy, and value.

Responsive Change Management:The organization’s ability to adapt quickly and effectively to changes, such as integrating new handheld devices and merging systems, is essential. This principle will facilitate the smooth transition required for integrating the new handheld devices and the merger-related system updates while minimizing disruption to store operations.

Technology Independence:Since the enterprise will likely encounter varied technologies from the merger, it is crucial to maintain flexibility. This principle advocates for using technology solutions that are adaptable and not bound to a single vendor or specific technology. This ensures that the enterprise can integrate various technological components from both organizations and evolve with minimal constraints.

These principles align well with TOGAF's broader recommendations for guiding architectural changes, as found in Section 2.6 of the TOGAF ADM Techniques. They ensure that the EA practice is aligned with business objectives while maintaining flexibility, data integrity, and a focus on enterprise-wide benefits. These guiding principles are critical for the successful execution of the integration and adoption of new technologies while achieving cost efficiencies and improving service delivery.

For reference, TOGAF's ADM Techniques highlight the importance of architectural principles in guiding transformational initiatives, ensuring that decisions are made consistently across the enterprise. Each principle supports organizational agility, system integration, and the efficient use of technology resources, all of which are vital for the enterprise's stated objectives.

The Target Architecture is a description of the future state of the architecture that addresses the business goals and drivers, and satisfies the stakeholder requirements and concerns. The Target Architecture is developed through the Architecture Development Method (ADM), which is the core process of the TOGAF standard that guides the development and management of the enterprise architecture. The Target Architecture is typically divided into four domains: Business, Data, Application, and Technology. The Target Architecture also includes a roadmap for change, which defines the Transition Architectures, the Capability Increments, and the work packages that enable the transition from the Baseline Architecture to the Target Architecture12

The best answer is B, because it describes the approach that should be taken to determine and organize the work to deliver the requested architectures, which are the Information Systems and Technology Architectures. The answer covers the following steps:

Refer to the end-to-end Target Architecture for guidance and direction. The end-to-end Target Architecture provides the overall vision, scope, and objectives of the architecture work, and the alignment with the business strategy and goals. The end-to-end Target Architecture also provides the high-level definitions and principles for the four architecture domains, and the roadmap for change that outlines the major milestones and deliverables.

Identify projects, dependencies and synergies, then prioritize before initiating the projects. Projects are the units of work that implement the architecture work packages, which are the sets of actions or tasks that are required to implement a specific part of the architecture. Dependencies are the relationships and constraints that affect the order or priority of the projects, such as logical, temporal, or resource dependencies. Synergies are the benefits or advantages that result from the combination or coordination of the projects, such as cost savings, efficiency gains, or innovation opportunities. Prioritization is the process of ranking the projects according to their importance, urgency, or value, and assigning resources and schedules accordingly.

Develop high-level architecture descriptions. High-level architecture descriptions are the outputs of the architecture development phases (B, C, and D) of the ADM cycle, which describe the Business, Data, Application, and Technology Architectures in terms of the Architecture Building Blocks (ABBs) and the Solution Building Blocks (SBBs), which are reusable components of business, IT, or architectural capability. High-level architecture descriptions also include the Architecture Views, which are representations of the system of interest from the perspective of one or more stakeholders and their concerns.

For each project, estimate effort size, identify reference architectures, and candidate building blocks. Effort size is the measure of the amount of work, time, or resources required to complete a project. Effort size can be estimated using various techniques, such as analogy, expert judgment, parametric, or bottom-up. Reference architectures are standardized architectures that provide a common framework and vocabulary for a specific domain or industry. Reference architectures can be used as a source of best practices, patterns, and models for the architecture development. Candidate building blocks are the potential ABBs or SBBs that can be used to implement the architecture. Candidate building blocks can be identified from the Architecture Repository, which is a collection of architecture assets, such as models, patterns, principles, standards, and guidelines.

Identify the resource needs considering cost and value. Resource needs are the specifications and criteria that define the acceptable level and quality of the resources required to complete the project, such as human, financial, physical, or technological resources. Resource needs can be identified by analyzing the scope, complexity, and dependencies of the project, and the availability, capability, and suitability of the resources. Cost and value are the factors that influence the allocation and utilization of the resources, such as the budget, the return on investment, the benefits, or the risks.

Document options, risks, and controls to enable viability analysis and trade-off with the stakeholders. Options are the alternative ways of achieving the project objectives, such as different solutions, technologies, vendors, or approaches. Risks are the effects of uncertainty on the project objectives, such as threats or opportunities. Controls are the measures or actions that are taken to prevent, reduce, or mitigate the risks, such as policies, procedures, or standards. Viability analysis is the process of evaluating and comparing the options, risks, and controls, and determining the feasibility, suitability, and desirability of each option. Trade-off is the decision outcome that balances and reconciles the multiple, often conflicting, requirements and concerns of the stakeholders, and ensures alignment with the Architecture Vision and the Architecture Principles.

 1: The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 5: Introduction to the ADM 2: The TOGAF Standard, Version 9.2, Part IV: Architecture Content Framework, Chapter 36: Building Blocks : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 18: Phase A: Architecture Vision : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 19: Phase B: Business Architecture : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 20: Phase C: Information Systems Architectures : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 21: Phase F: Migration Planning : The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 23: Architecture Principles : The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 30: Trade-Off Analysis : The TOGAF Standard, Version 9.2, Part VI: Architecture Capability Framework, Chapter 46: Tools for Architecture Development : The TOGAF Standard, Version 9.2, Part VI: Architecture Capability Framework,Chapter 47: Architecture Board : The TOGAF Standard, Version 9.2, Part VI: Architecture Capability Framework, Chapter 48: Architecture Compliance : The TOGAF Standard, Version 9.2, Part VI: Architecture Capability Framework, Chapter 49: Architecture Contract : The TOGAF Standard, Version 9.2, Part VI: Architecture Capability Framework, Chapter 50: Architecture Governance : The TOGAF Standard, Version 9.2, Part VI: Architecture Capability Framework, Chapter 51: Architecture Maturity Models : The TOGAF Standard, Version 9.2, Part VI: Architecture Capability Framework, Chapter 52: Architecture Skills Framework

A security domain model is a technique that can be used to define the security requirements and policies for the architecture. A security domain is a grouping of assets that share a common level of security and trust. A security policy is a set of rules and procedures that govern the access and protection of the assets within a security domain. A security domain model can help to identify the security domains, the assets within each domain, the security policies for each domain, and the relationships and dependencies between the domains1

Since the data is being shared across partners, a security federation is needed to establish a trust relationship and a common security framework among the different parties. A security federation is a collection of security domains that have agreed to interoperate under a set of shared security policies and standards. A security federation can enable secure data exchange and collaboration across organizational boundaries, while preserving the autonomy and privacy of each party. A security federation requires contractual arrangements, and a definition of the responsibility areas for the data exchanged, as well as security implications2

A risk assessment is a process that identifies, analyzes, and evaluates the risks that may affect the architecture. A risk assessment can help to determine the likelihood and impact of the threats and vulnerabilities that may compromise the security and privacy of the data assets. A risk assessment can also help to prioritize and mitigate the risks, and to monitor and review the risk situation3

Therefore, the best answer is D, because it describes the risk and security considerations that would be included in the current phase of the architecture development, which is focused on the Business Architecture. The answer covers the security domain model, the security federation, and the risk assessment techniques that are relevant to the scenario.

 1: The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 35: Security Architecture and the ADM 2: The TOGAF Standard, Version 9.2, Part IV: Architecture Content Framework, Chapter 38: Security Architecture 3: The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 32: Risk Management

Key aspects of the scenario:

Business Objective:

A merger is happening to combine offerings, reduce costs, and achieve operational efficiency.

The goal includes fully integrating retail operations and systems, replacing duplicated systems, and reducing the number of applications used.

Technological Improvements:

A central AI-based inventory system is in place.

Hand-held devices for stores have improved customer and staff satisfaction and increased efficiency.

Scope of Architecture Work:

Integrating the merged systems.

Managing retail architecture to optimize operations.

TOGAF Alignment:

TOGAF principles aim to ensure the architecture supports business transformation effectively while aligning with governance and best practices.

Best answer analysis:

Option 1:

Maximize Benefit to the Enterprise: Aligns with the merger goals of cost reduction and efficiency.

Common Use Applications: Matches the goal to reduce duplicated systems.

Data is an Asset: Central AI system depends on accurate and reliable data.

Responsive Change Management: Necessary to support the transition and manage organizational impacts.

Technology Independence: Encourages selecting flexible, scalable solutions post-merger.

This option comprehensively aligns with the scenario.

Option 2:

Control Technical Diversity: Important but less emphasized than cost reduction and application unification.

Interoperability: Relevant, but less critical compared to principles addressing business value.

Data is an Asset: Relevant.

Data is Shared: Implied in centralized inventory but not directly stated.

Business Continuity: Important but not the main focus here.

This option partially fits but lacks emphasis on business outcomes.

Option 3:

Common Vocabulary and Data Definitions: Indirectly helpful but not central to the transformation.

Compliance with the Law: Always critical, but no explicit legal issues are mentioned.

Requirements-Based Change: General principle but not transformation-specific.

Responsive Change Management: Relevant.

Data Security: Important but not a central concern in the scenario.

This option focuses more on governance and less on merger goals.

Option 4:

Common Use Applications: Relevant to reducing duplicate systems.

Data is an Asset: Relevant.

Data is Accessible: Fits with AI system and handheld devices but is a subset of "Data is an Asset."

Ease of Use: Relevant to handheld devices but not a core transformation principle.

Business Continuity: Important but secondary to cost and efficiency.

This option focuses more on usability and accessibility rather than transformation objectives.

Business continuity is the ability of an organization to maintain essential functions during and after a disaster or disruption. Business continuity requirements are the specifications and criteria that define the acceptable level of performance and availability of the business processes and services in the event of a disaster or disruption. A gap analysis is a technique that compares the current state of the architecture with the desired state, and identifies the gaps or differences that need to be addressed. A change request is a formal proposal for an amendment to some product or system, such as the architecture. A Request for Architecture Work is a document that describes the scope, approach, and expected outcomes of an architecture project123

The best answer is A, because it describes the steps that would improve the resilience of the current architecture, which is the ability to withstand and recover from a ransomware attack or any other disruption. The steps are:

Determine the business continuity requirements, which specify the minimum acceptable level of performance and availability of the business processes and services in case of a ransomware attack. This would involve identifying the critical business functions, the recovery time objectives, the recovery point objectives, and the dependencies and resources needed for recovery.

Undertake a gap analysis of the current Enterprise Architecture, which compares the current state of the architecture with the desired state based on the business continuity requirements. This would involve assessing the strengths and weaknesses of the current architecture, the risks and opportunities for improvement, and the gaps or differences that need to be addressed.

Make recommendations for change requirements to address the situation and create a change request. This would involve proposing solutions and alternatives to close the gaps, enhance the resilience, and mitigate the risks of the current architecture. The change request would document the rationale, scope, impact, and benefits of the proposed changes, and seek approval from the relevant stakeholders.

Manage a meeting of the Architecture Board to assess and approve the change request. The Architecture Board is a governance body that oversees the architecture work and ensures compliance with the architecture principles, standards, and goals. The meeting would involvepresenting the change request, discussing the pros and cons, resolving any issues or conflicts, and obtaining the approval or rejection of the change request.

Once approved, produce a new Request for Architecture Work to activate an ADM cycle to carry out a project to define the change. The Request for Architecture Work would describe the scope, approach, and expected outcomes of the architecture project that would implement the approved change request. The Request for Architecture Work would initiate a new cycle of the Architecture Development Method (ADM), which is the core process of the TOGAF standard that guides the development and management of the enterprise architecture.

 1: The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 33: Business Scenarios 2: The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 30: Gap Analysis 3: The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 31: Architecture Change Management : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 7: Request for Architecture Work : The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 34: Business Transformation Readiness Assessment : The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 30: Gap Analysis : The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 31: Architecture Change Management : The TOGAF Standard, Version 9.2, Part VI: Architecture Capability Framework, Chapter 50: Architecture Governance : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 7: Request for Architecture Work

The question asks:

“What steps would you take to strengthen the current architecture to improve data protection?”

This requires understanding how TOGAF handles:

Business continuity requirements

Gap analysis in existing architecture

Architecture change requests

Triggering a new ADM cycle

Governance via the Architecture Board

Option C is the only answer that aligns correctly with TOGAF’s formal Architecture Change Management process (ADM Phase H) and how to progress from identifying gaps to initiating a new cycle.

✅ Why Option C Is Correct

✔ 1. Starts with identifying business continuity requirements

TOGAF Phase A and Phase B require understanding business continuity and information security requirements as part of architecture development.

✔ 2. Analyzes the current architecture for gaps

Gap analysis is a required step in:

Phase B (Business Architecture)

Phase C (Data/Application Architecture)

Phase D (Technology Architecture)

It is also part of Architecture Change Management (Phase H) when examining existing threats or deficiencies.

✔ 3. Creates a Change Request

In TOGAF, if gaps or new risks require architectural enhancements, a formal Change Request is submitted. This is a mandatory TOGAF mechanism.

✔ 4. Architecture Board evaluates the Change Request

The Architecture Board approves major changes before a new cycle starts — exactly as described in option C.

✔ 5. Initiates a new ADM cycle with a RfAW

TOGAF explicitly states:

A new or major architecture change requires a Request for Architecture Work before beginning a new ADM cycle.

Option C follows this sequencing precisely:

Identify requirements → analyze gaps → issue change request → Architecture Board approval → create RfAW → start new ADM cycle.

This is textbook TOGAF.

❌ Why the Other Options Are Incorrect

A – Too narrow and focuses only on Technology Architecture

The problem spans business continuity, data protection, and enterprise-wide readiness — not just infrastructure.

Does not include gap analysis, stakeholder analysis, or initiating a formal ADM cycle.

Incorrectly reduces ransomware mitigation to technology controls.

B – Architecture Compliance Review is inappropriate here

A Compliance Review is used to:

Ensure implementation conforms to architectureNot to:

Identify new risks

Strengthen the architecture

Conduct gap analysisThis option is misusing the review process.

D – Supplier-driven, not TOGAF-driven

Involves contacting suppliers prematurely — not aligned with TOGAF’s architecture-first methodology.

Does not involve Architecture Board approval before pursuing solutions.

Jumps into solutioning before architectural approval.

???? Relevant TOGAF References

Phase H: Architecture Change Management

Manage changes

Evaluate impacts

Generate change requests

Architecture Board Roles

Approves Change Requests

Governs new ADM cycles

Request for Architecture Work

Used to formally launch a new ADM cycle

The scenario clearly states that:

The overall objective is known,

BUT the EA team is expected to define the scope, shared vision, and requirements,

The company uses an iterative approach,

The CEO wants repurpose and reuse rather than replace,

This is a major strategic shift (new markets, new products, new crop mix).

According to the TOGAF standard, when the problem must be understood, and scope, vision, and requirements are not yet defined, the correct starting point is Phase A: Architecture Vision, using an iteration cycle.

This is also consistent with the “baseline-first” approach recommended in the TOGAF Series Guides for situations where:

the business direction is known but high-level,

detailed impacts must be discovered,

and the organization wants to reuse existing capabilities rather than replace them.

Option B is the only answer that:

Begins by understanding the problem,

Defines the structure of the change,

Uses iteration cycles starting with a baseline-first approach,

Leads into transition planning,

Supports clarification of the shared vision and requirements,

Fits the CIO’s instruction to “define the scope, shared vision, and requirements.”

This matches exactly what TOGAF prescribes in early-cycle Architecture Vision and initial iterations.

Option C aligns best with TOGAF Phase F: Migration Planning, which deals with developing a detailed Implementation and Migration Plan, ensuring alignment with other enterprise frameworks, and assigning business value to work packages and projects.

???? TOGAF Phase F Activities (from the standard):

Confirm Management Framework Interactions:

Per TOGAF, Phase F ensures that the migration planning is aligned with the business planning, portfolio/project management, and operations management frameworks used by the enterprise (which are mentioned in the scenario).

TOGAF emphasizes coordination between EA and other enterprise governance processes.

Prioritize Projects:

TOGAF recommends using business value, resource availability, and strategic alignment to prioritize the various work packages and projects for implementation.

This is directly referenced in option C: "assign a business value to each project, considering the available resources and how well they align with the strategy."

Update Roadmaps and Implementation Plan:

After coordination and prioritization, the Architecture Roadmap and the Implementation and Migration Plan are updated.

This is essential before formal governance (Phase G).

❌ Why the Other Options Are Incorrect:

A: Incorrect focus on updating the Architecture Definition Document and lessons learned.

The Architecture Definition Document is mostly finalized in Phases B–E.

Lessons learned and governance modeling are more relevant to Phase G (Implementation Governance) and Phase H (Architecture Change Management), not Phase F.

B: Although it mentions the Business Value Assessment Technique (a valid tool in TOGAF), it includes Architecture Definition Increments Table, which is not a standard TOGAF artifact.

Also, "document the lessons learned" is premature in Phase F; these are more applicable in Phase H.

D: Focuses on Compliance Assessment, which is part of Phase G (Implementation Governance), not Phase F.

Changing performance requirements based on monitoring tools is handled during operations and change management, not during migration planning.

???? Source References from TOGAF:

TOGAF 9.2 – Section 11.3 (Phase F: Migration Planning)

"Activities include confirming the enterprise's capability for transition, prioritizing projects, identifying dependencies and resource availability, and co-ordinating with other management frameworks."

TOGAF 9.2 – Section 11.4 Outputs:

Architecture Roadmap (updated)

Implementation and Migration Plan (updated)

Business Value Assessment

Consolidated Gaps, Solutions, and Dependencies

Option C most accurately reflects the TOGAF standard’s guidance on Architecture Contracts and Architecture Governance during implementation (Phase G).

The Architecture Contract in TOGAF formalizes the agreement between the architecture function and the implementation organization. It must clearly define objectives, performance measures, deliverables, quality criteria, risks, and acceptance terms. This ensures consistent quality and traceability across distributed implementations, which directly addresses the Chief Engineer’s concern about inconsistent deployment across multiple plants.

TOGAF further requires architecture compliance reviews at defined checkpoints to verify conformance to the Architecture Definition. Any deviations must be formally reviewed by the Architecture Board. If justified, a dispensation may be granted; however, this must follow a governed process, not informal adjustment.

For third-party suppliers, TOGAF states that contracts must be legally enforceable to ensure compliance. Additionally, governance frameworks should include a dispute resolution mechanism to manage disagreements not resolved through compliance review.

Options A and B omit structured compliance review scheduling and formal governance rigor. Option D incorrectly suggests modifying the Architecture Definition through a new Request for Architecture Work, which is not required for local dispensations.

Therefore, according to TOGAF Architecture Governance guidance, Option C is the best answer.

The correct answer is C, as it aligns with the key TOGAF principles necessary for guiding enterprise architecture in a merger scenario where retail operations and systems are being consolidated.

Analysis of the Principles in Option C:

Common Use Applications

Since the two companies are merging, it is essential to standardize applications across the enterprise.

Using common applications ensures consistency, reduces costs, and improves efficiency.

TOGAF emphasizes this principle to prevent duplicate or redundant systems, which aligns with the CIO’s goal of reducing the number of applications used.

Data is an Asset

In the scenario, a central inventory management system is a core business function.

Treating data as an asset ensures it is managed properly, shared efficiently, and used strategically across the merged organization.

This principle supports the company’s ability to predict demand, adjust stock levels, and automate reordering.

Common Vocabulary and Data Definitions

The merger requires integrating different systems and data structures.

Having a common vocabulary ensures that all stakeholders (stores, fulfillment centers, and digital platforms) use consistent terminology and data definitions.

This minimizes confusion and ensures interoperability across business functions.

Maximize Benefit to the Enterprise

Every architectural decision should focus on the overall benefit to the business.

By consolidating IT systems and reducing redundancies, the company achieves cost savings, which directly supports this principle.

Business Continuity

The stores operate seven days a week, so system changes must ensure uninterrupted service.

Business continuity ensures that customers are not affected during the transition and that critical retail operations (sales, inventory tracking, and fulfillment) remain functional.

Why Other Options Are Incorrect?

Option A: Control Technical Diversity, Interoperability, Data is an Asset, Data is Shared, Business Continuity

Control Technical Diversity is not the primary concern here. The focus is on system consolidation, not necessarily on limiting technology diversity.

Interoperability is important but not as critical as defining a common system and data structure.

Option B: Service Orientation, Compliance with the Law, Requirements-Based Change, Responsive Change Management, Data Security

While service orientation and compliance are valuable, they are not the most relevant to this specific business transition.

Change management and data security are important but do not address the primary enterprise-wide architectural concerns of system consolidation.

Option D: Ease of Use, Common Use Applications, Data is an Asset, Technology Independence, Business Continuity

Ease of Use is beneficial but is not a core architecture principle in this case.

Technology Independence is useful but does not align directly with the scenario’s priority, which is consolidating applications and data structures.

Context of the Scenario

The organization is currently in the Migration Planning phase, which corresponds to Phase F of the TOGAF ADM (Architecture Development Method). The key activities for this phase involve:

Evaluating dependencies and impacts on other organizational frameworks.

Aligning the roadmap and migration plan with strategic objectives and available resources.

Addressing the risks of transitioning from the current architecture to the target architecture using a phased approach.

The deliverables (Architecture Roadmap, Capability Assessment, etc.) and assessments (Gap Analysis, Risk Assessment, Transformation Readiness) have already been developed. The next step is to refine and finalize the migration planning.

Option Analysis

Option A:

While updating the Architecture Definition Document could ensure alignment, this step was completed in earlier phases (B, C, D). At this stage, further changes to the architecture must go through a formal governance review, and applying lessons learned without review contradicts TOGAF principles.

Producing an Implementation Governance Model is more relevant in Phase G (Implementation Governance), not in Phase F.

Conclusion: Incorrect, as it suggests revisiting earlier steps and does not align with the current phase.

Option B:

Conducting Compliance Assessments ensures the architecture is implemented correctly, but this is a task for Phase G (Implementation Governance) after migration planning has been finalized and implementation begins.

Deployment of monitoring tools is also part of implementation and governance activities, not migration planning.

Conclusion: Incorrect, as it focuses on tasks belonging to a later phase.

Option C:

Examining how the Implementation and Migration Plan affects other organizational frameworks is critical in Phase F, as TOGAF emphasizes alignment with business planning, project/portfolio management, and operations management.

Assigning business value to each project ensures prioritization and optimal allocation of resources.

Updating the Architecture Roadmap and the Implementation and Migration Plan based on this analysis ensures strategic alignment and readiness for implementation.

Conclusion: Correct, as it addresses the key objectives of the Migration Planning phase comprehensively.

Option D:

Applying the Business Value Assessment Technique is valid for prioritizing initiatives but is a limited aspect of Migration Planning.

Planning Transition Architecture phases and documenting lessons learned are valid, but this does not address broader organizational impacts or dependencies as effectively as Option C.

Conclusion: Narrow focus; less comprehensive than Option C.

References to TOGAF

Phase F (Migration Planning): The focus is on aligning the migration plan with business objectives, considering organizational dependencies, and prioritizing projects (TOGAF 9.2, Chapter 12).

Architecture Roadmap and Implementation Plan: Updated to reflect changes in priorities and alignment with business frameworks (TOGAF 9.2, Section 12.4).

Framework Integration: Collaboration with other frameworks (e.g., business planning, portfolio management) ensures alignment across the organization (TOGAF 9.2, Section 6.5.2).

Business Value Assessment Technique: Used to prioritize initiatives based on return on investment and performance criteria (TOGAF 9.2, Section 24.4).

Comprehensive and Detailed Explanation From Exact Extract (150–250 words):

Option C is the best answer because it directly aligns with the most critical concerns expressed in the scenario and maps precisely to the example Architecture Principles defined in the TOGAF standard.

The principle Common Vocabulary and Data Definitions is essential in a healthcare environment where standardized medical coding, shared electronic health records, and cross-provider data exchange are core operational requirements. Without consistent data definitions, AI-based solutions would misinterpret clinical information, leading to unsafe or incorrect outcomes.

Data Security is one of the most fundamental principles in regulated industries such as healthcare. The scenario explicitly highlights privacy, prevention of data breaches, system availability, and protection of life-critical systems. This principle ensures confidentiality, integrity, and availability of patient data, all of which are non-negotiable constraints for architecture work in this context.

Requirements-Based Change ensures that architectural decisions are driven by clearly defined business and clinical requirements rather than technology trends alone. This is particularly important for AI initiatives, where stakeholder concerns emphasize patient outcomes, life-critical timing, and minimal disruption. This principle ensures that AI adoption is justified, traceable, and aligned with healthcare priorities.

The other options either focus too broadly on governance, enterprise-wide benefit, or general accessibility, and do not sufficiently address the clinical safety, data integrity, and requirements-driven nature of the project. Therefore, Option C best reflects TOGAF guidance for this scenario.

In TOGAF, when customer needs are unclear or misaligned with the existing architectural direction, the correct approach is to return to the Business Architecture. The Business Architecture phase (ADM Phase B) is responsible for understanding stakeholders, customer segments, business processes, value streams, motivations, and expected outcomes. Since the scenario identifies low engagement, poor adoption, and missed revenue targets, the breakdown is not in technology or application capabilities—it is a business misalignment.

Option B correctly focuses on revisiting and refining the target Business Architecture, including identifying customer groups, their interests, costs to serve them, and expected revenue streams. This aligns with TOGAF guidance that Business Architecture must define value propositions and customer value streams before other architecture domains can be effectively adjusted. The use of value stream mapping is entirely appropriate within Business Architecture development, as it provides a structured way to analyze customer value and identify what changes are necessary to meet business goals.

Options A and D prematurely focus on application or baseline gap analysis, which would not resolve a fundamental misunderstanding of customer needs. Option C expands into a full ADM cycle, which is unnecessary at this stage because the primary issue is misalignment, not architectural completeness.

The Business Value Assessment Technique is a technique that can be used to estimate and compare the business value of the projects and project increments that implement the architecture work packages, which are the sets of actions or tasks that are required to implement a specific part of the architecture. The business value is the measure of the benefits or advantages that the project or project increment delivers to the business, such as increased revenue, reduced costs, improved quality, or enhanced customer satisfaction1

The steps for applying the Business Value Assessment Technique are:

Identify the criteria and factors that are relevant to the business value assessment, such as costs, benefits, risks, and opportunities. The criteria and factors should be aligned with the business goals and drivers that motivate the architecture work, and the stakeholder requirements and concerns that influence the architecture work.

Assign weights and scores to the criteria and factors, using various methods, such as expert judgment, historical data, or analytical models. The weights and scores should reflect the importance and performance of the criteria and factors, and the trade-offs and preferences of the stakeholders.

Calculate the business value for each project or project increment, using various techniques, such as net present value, return on investment, or balanced scorecard. The business value should indicate the expected or actual outcomes and impacts of the project or project increment on the business.

Prioritize the implementation projects and project increments, based on the business value and other considerations, such as dependencies, resources, or risks. The prioritization should determine the order or sequence of the projects and project increments, and the allocation and utilization of the resources.

Therefore, the best answer is C, because it describes the next steps for the migration planning, which are the activities that support the transition from the Baseline Architecture to the Target Architecture. The answer covers the Business Value Assessment Technique, which is relevant to the scenario.

 1: The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 28: Business Value Assessment Technique : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 18: Phase A: Architecture Vision : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 21: Phase F: Migration Planning : The TOGAF Standard, Version 9.2, Part IV: Architecture Content Framework, Chapter 36: Building Blocks