A software development company which produces health care applications has been growing rapidly by acquiring several similar companies, which are based in other states.
IT is now struggling to provide services in support of multiple application development, QA and service teams. For each application, service teams frequently have access to sensitive electronic medical records data that is subject to Federal compliance regulations. No formal standards or policies have been established across application teams relative to sensitive data.
With the goal of ITaaS transformation, senior management seeks to establish IT governance. What would you recommend for a governance model, and why?
A. Centralized, since security and compliance policies should be standardized across the enterprise
B. Hybrid, since it is the best approach during rapid growth by acquisition of companies
C. Federated by application, since it ensures autonomy for each application team and promotes customer satisfaction
D. Distributed by geography, since it enables localized control and lock down of sensitive data
|
Download Printable PDF. VALID exam to help you PASS. |
 |