The Open Group TOGAF Enterprise Architecture Combined Part 1 and Part 2 Exam OGEA-103 Exam Dumps: Updated Questions & Answers (January 2026)

The Architecture Landscape is a class of information within the Architecture Repository that shows an architectural view of the building blocks that are in use within the organization today (the Baseline Architecture), as well as those that are planned for the future (the Target Architecture). The Architecture Landscape typically contains a list of the applications in use within the enterprise, along with their relationships and dependencies, as well as other relevant architectural information. The Architecture Landscape helps to identify opportunities for re-use, consolidation, or retirement of existing applications, as well as gaps or overlaps in the current or future architecture.

The TOGAF Standard, Version 9.2, Part IV: Architecture Content Framework, Chapter 34: Architecture Landscape : The TOGAF Standard, Version 9.2, Part VI: Architecture Capability Framework, Chapter 47: Architecture Repository

The Business Transformation Readiness Assessment technique is used to evaluate the readiness of the organization to undergo change and to identify the actions needed to increase the likelihood of a successful business transformation. These actions should be incorporated in the Implementation and Migration Plan, which is the detailed plan to transition from the Baseline Architecture to the Target Architecture. The Implementation and Migration Plan also includes the Transition Architectures, the Architecture Building Blocks, the Work Packages, the Implementation Governance Model, and the Architecture Contract12 References: 1: The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 27: Business Transformation Readiness Assessment 2: The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 21: Phase F: Migration Planning

According to the TOGAF Standard, 10th Edition, documents which are under development and have not undergone any formal review and approval process are called draft documents, while documents which have been reviewed and approved are called approved documents 1. Draft documents are typically marked with a version number of 0.x, indicating that they are incomplete or provisional. Approved documents are typically marked with a version number of 1.0 or higher, indicating that they have been finalized and authorized. The other options are not correct, as they are not the terms used by the TOGAF Standard to distinguish between documents under development and documents that have been reviewed and approved. The terms “finalized”, “concept”, “deliverable”, and “Version 0.1” and “Version 1.0” are not specific to the TOGAF Standard, and they may have different meanings or interpretations in different contexts. References: 1: TOGAF Standard, 10th Edition, Part II: Architecture Development Method, Chapter 7: Applying Iteration to the ADM, Section 7.2.3 Document Categorization.

The illustration shows an architecture development cycle based on the TOGAF ADM (Architecture Development Method), which is a method for developing and managing an enterprise architecture1.

The ADM consists of nine phases, each with a specific purpose and output. The phases are1:

Preliminary Phase: To prepare and initiate the architecture development cycle, including defining the architecture framework, principles, and governance.

Phase A: Architecture Vision: To define the scope, vision, and stakeholders of the architecture initiative, and to obtain approval to proceed.

Phase B: Business Architecture: To describe the baseline and target business architecture, and to identify the gaps between them.

Phase C: Information Systems Architectures: To describe the baseline and target data and application architectures, and to identify the gaps between them.

Phase D: Technology Architecture: To describe the baseline and target technology architecture, and to identify the gaps between them.

Phase E: Opportunities and Solutions: To identify and evaluate the opportunities and solutions for implementing the target architecture, and to define the work packages and transition architectures.

Phase F: Migration Planning: To finalize the implementation and migration plan, and to ensure alignment with the enterprise portfolio and project management.

Phase G: Implementation Governance: To provide architecture oversight and guidance for the implementation projects, and to manage any architecture change requests.

Phase H: Architecture Change Management: To monitor the changes in the business and technology environment, and to assess the impact and performance of the architecture.

In addition to these phases, there is a central process called Requirements Management, which is labeled as item 1 in the illustration. This process operates throughout the ADM cycle, and its purpose is to manage the architecture requirements throughout the architecture development, ensuring that they are aligned with the business requirements and the stakeholder concerns2.

Therefore, the description that matches the phase of the ADM labeled as item 1 is C. Operates the process of managing architecture requirements.

1: The TOGAF Standard, Version 9.2, Chapter 5: Architecture Development Method (ADM)

2: The TOGAF Standard, Version 9.2, Chapter 17: Requirements Management

The scope of an architecture is the extent and level of detail of the architecture work. The scope of an architecture can be defined along four dimensions: project, breadth, depth, and architecture domains. The project dimension considers the boundaries and objectives of the architecture project, such as the time frame, budget, resources, and deliverables. The breadth dimension considers the coverage and completeness of the architecture across the enterprise, such as the organizational units, business functions, processes, and locations. The depth dimension considers the level of detail and specificity of the architecture, such as the granularity, abstraction, and precision of the architectural elements and relationships. The architecture domains dimension considers the aspects or segments of the architecture, such as the business, data, application, and technology domains.

Therefore, the depth dimension is the one that considers to what level of detail the architecting effort should go.

The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 25: Architecture Scope : The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 25.2: Scope Dimensions : The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 25.2.1: Project, Breadth, Depth, and Architecture Domains

Risk management is a generic technique that can be applied across all phases of the Architecture Development Method (ADM), as well as in the Preliminary Phase and the Requirements Management Phase2. Risk management involves the following steps1:

•Risk identification: This step involves identifying the potential risks that may affect the architecture project, such as technical, business, organizational, environmental, or legal risks. The risks can be identified through various sources, such as stakeholder interviews, workshops, surveys, checklists, historical data, or expert judgment.

•Risk classification: This step involves categorizing the risks based on their nature, source, impact, and priority. The risks can be classified according to different criteria, such as time, cost, scope, quality, security, or compliance. The classification helps in prioritizing the risks and allocating resources and efforts to address them effectively.

•Initial risk assessment: This step involves assessing the likelihood and impact of each risk, and determining the initial level of risk. The likelihood is the probability of the risk occurring, and the impact is the severity of the consequences if the risk occurs. The initial level of risk is the product of the likelihood and impact, and it indicates the urgency and importance of the risk. The initial risk assessment helps in identifying the most critical risks that need immediate attention and mitigation.

Comprehensive and Detailed Step-by-Step Explanation

Context of the Scenario

The scenario highlights significant risks due to ransomware attacks and the need to strengthen the company’s Enterprise Architecture to improve data protection and resilience. TOGAF emphasizes the Architecture Compliance Review as a mechanism for ensuring the architecturemeets its objectives and addresses specific concerns such as security, resilience, and compliance with organizational goals.

The organization has already conducted a risk assessment but requires actionable steps to:

Address ransomware attack risks.

Increase the resilience of the Technology Architecture.

Ensure proper alignment with governance and compliance frameworks.

Option Analysis

Option A:

Strengths:

Highlights the need for up-to-date processes for managing changes in the Enterprise Architecture.

Recognizes the importance of governance through the Architecture Board and change management techniques.

Weaknesses:

The approach focuses solely on the Technology Architecture baseline but does not address the need for specific steps such as compliance review, gap analysis, or tailored resilience measures for ransomware risks.

It provides a broad and generic approach rather than a targeted plan for ransomware and data protection issues.

Conclusion: Incorrect. While it adheres to governance processes, it lacks specific actions to improve resilience and address the immediate security concerns.

Option B:

Strengths:

Proposes an Architecture Compliance Review, which is a core TOGAF process used to evaluate architecture implementation against defined objectives, ensuring it is fit for purpose.

Involves identifying stakeholders (departments) and tailoring checklists specific to ransomware resilience.

Emphasizes issue identification and resolution through structured review processes.

Weaknesses:

Does not explicitly address longer-term updates to the Enterprise Architecture, but this can be inferred as a next step following compliance recommendations.

Conclusion: Correct. This is the most suitable approach based on TOGAF principles, as it uses an established process to evaluate and improve the architecture's resilience.

Option C:

Strengths:

Includes monitoring for updates from suppliers to enhance detection and recovery capabilities, which is relevant to addressing ransomware risks.

Proposes a gap analysis to identify shortcomings in the current Enterprise Architecture and recommends addressing gaps through change requests.

Incorporates disaster recovery planning exercises, which are useful for testing resilience.

Weaknesses:

While thorough, the approach lacks the Architecture Compliance Review process, which is a more structured way to ensure the architecture meets resilience requirements.

Monitoring suppliers and running disaster recovery exercises are operational steps rather than strategic architectural improvements.

Conclusion: Incorrect. While it includes valid activities, it does not adhere to TOGAF’s structured approach for architecture assessment and compliance.

Option D:

Strengths:

Proposes analyzing business continuity requirements and assessing the architecture for gaps, which is relevant to the scenario.

Suggests initiating an ADM cycle to address gaps, which aligns with TOGAF principles.

Weaknesses:

Focusing on initiating a new ADM cycle may be premature, as the immediate priority is to evaluate the existing architecture and address specific resilience concerns.

Does not mention compliance review or tailored resilience measures for ransomware attacks, which are central to the scenario.

Conclusion: Incorrect. It proposes a broader approach that may not adequately address the immediate concerns highlighted by the CSO.

TOGAF References

Architecture Compliance Review: A structured process used to evaluate whether an architecture meets the stated goals, objectives, and requirements (TOGAF 9.2, Chapter 19). It is particularly useful for identifying and addressing resilience requirements in scenarios involving security risks.

Stakeholder Engagement: Identifying and involving stakeholders (e.g., departments) is a critical part of architecture governance and compliance review (TOGAF 9.2, Section 24.2).

Change Management: The Architecture Compliance Review supports identifying necessary changes, which are then managed through governance and change management processes (TOGAF 9.2, Section 21.6).

By choosing Option B, you align with TOGAF’s structured approach to compliance, resilience, and addressing security concerns.

A Consolidated Gaps, Solutions and Dependencies Matrix is a technique that can be used to create work packages for an incremental rollout of the architecture. A work package is a set of actions or tasks that are required to implement a specific part of the architecture. A work packagecan be associated with one or more Architecture Building Blocks (ABBs) or Solution Building Blocks (SBBs), which are reusable components of business, IT, or architectural capability. A work package can also be associated with one or more Capability Increments, which are defined, discrete portions of the overall capability that deliver business value. A Capability Increment can be realized by one or more Transition Architectures, which are intermediate states of the architecture that enable the transition from the Baseline Architecture to the Target Architecture123

The steps for creating work packages using this technique are:

For each gap between the Baseline Architecture and the Target Architecture, identify a proposed solution and classify it as new development, purchased solution, or based on an existing product. A gap is a difference or deficiency in the current state of the architecture that needs to be addressed by the future state of the architecture. A solution is a way of resolving a gap by implementing one or more ABBs or SBBs.

Group similar solutions together to define the work packages. Similar solutions are those that have common characteristics, such as functionality, technology, vendor, or location.

Identify dependencies between work packages, such as logical, temporal, or resource dependencies. Dependencies indicate the order or priority of the work packages, and the constraints or risks that may affect their implementation.

Regroup the work packages into a set of Capability Increments to transition to the Target Architecture. Capability Increments should be defined based on the business value, effort, and risk associated with each work package, and the schedule and objectives of the clinical trials. Capability Increments should also be aligned with the Architecture Vision and the Architecture Principles.

Document the work packages and the Capability Increments in an Architecture Definition Increments Table, which shows the mapping between the work packages, the ABBs, the SBBs, and the Capability Increments. The table also shows the dependencies, assumptions, and issues related to each work package and Capability Increment.

Therefore, the best answer is B, because it describes the approach to identify the work packages for an incremental rollout meeting the requirements, using the Consolidated Gaps, Solutions and Dependencies Matrix as a planning tool.

 1: The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 30: Gap Analysis 2: The TOGAF Standard, Version 9.2, Part IV: Architecture Content Framework, Chapter 36: Building Blocks 3: The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 31: Architecture Change Management : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 23: Phase E: Opportunities and Solutions : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 21: Phase F: Migration Planning : The TOGAF Standard, Version 9.2, Part II: Architecture Development Method (ADM), Chapter 18: Phase A: Architecture Vision : The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 23: Architecture Principles

Key aspects of the scenario:

Objective:

Integrating Artificial Intelligence (AI) into healthcare delivery, with a focus on improving patient care, enhancing workplace efficiency, and enabling seamless experiences.

Challenges:

Stakeholder concerns about risk management, adaptability to change, and ensuring alignment with regulations and policies.

Addressing the concerns of staff and top management about AI integration and achieving the desired goals.

CIO's Perspective:

Encouraging an agile approach to architecture development.

Addressing risks and ensuring stakeholder concerns are managed.

Areas for Evaluation:

AI usage by staff and impact on workflows.

Patient experience enhancement via AI.

New workplace platforms and tools powered by AI.

Option Analysis:

Option 1: Analysis of stakeholders and development of a Stakeholder Map

Pros:

Stakeholder analysis is critical for identifying concerns, viewpoints, and requirements.

TOGAF emphasizes stakeholder engagement early in the process to mitigate risks and align expectations.

Developing a Stakeholder Map ensures clear alignment with their interests and creates a foundation for regular feedback loops.

Cons:

Does not explicitly address the creation of architecture models or policies upfront.

Option 2: Creation of a Communications Plan

Pros:

A communications plan fosters effective stakeholder engagement by addressing their concerns and ensuring transparent reporting.

Risk mitigation as part of communication aligns with TOGAF’s stakeholder management practices.

Cons:

This focuses more on communication mechanics rather than advancing architectural development directly.

Option 3: Models for Draft Business, Data, Application, and Technology Architectures

Pros:

Aligns with the Architecture Development Method (ADM), ensuring compliance with requirements and regulations.

Helps formalize stakeholder feedback by verifying their concerns against tangible models.

Cons:

Developing detailed models early on may delay immediate resolution of stakeholder concerns and risk mitigation.

Option 4: Set of reusable business models for AI-related projects

Pros:

Standardized models ensure consistency and portability across the organization’s AI-related efforts.

Cons:

Too narrow in focus for the initial architecture development phase; does not address risk management or stakeholder concerns adequately.

Recommended Answer:

Option 1: You recommend that an analysis of the stakeholders is undertaken.

Reasoning:

The scenario highlights stakeholder concerns about risks, adaptability, and compliance. Addressing these concerns requires stakeholder analysis as the first step.

A Stakeholder Map aligns with TOGAF’s emphasis on stakeholder engagement, providing a structured way to manage their concerns and expectations.

Identifying concerns early and integrating feedback into the Architecture Vision document ensures alignment with goals and smooth progress.

Option 1 sets the foundation for collaboration and risk management, making it the best fit for the current phase.

In the TOGAF framework, understanding and addressing stakeholder concerns is crucial, particularly for complex projects with high stakes like the AI-first initiative described in the scenario. This approach aligns well with TOGAF’s ADM (Architecture Development Method) and its emphasis on effective stakeholder management and risk assessment. Here’s why this is the best course of action:

Stakeholder Analysis and Documentation:Conducting a stakeholder analysis is foundational in the early stages of any TOGAF project, particularly during the Preliminary and Architecture Vision phases. This process involves identifying the different stakeholders, understanding their positions, documenting their concerns, and considering any cultural factors that might influence their perspective on the AI-first initiative. Given the diverse concerns raised (such as job security, skill requirements, and cybersecurity), it’s essential to have a clear understanding of each stakeholder group’s priorities and fears.

Recording Concerns in the Architecture Vision Document:The Architecture Vision phase in TOGAF focuses on defining the high-level scope and objectives of the architecture project. By documenting stakeholder concerns and the corresponding views in the Architecture Vision document, the EA team ensures that these concerns are transparently acknowledged and addressed as part of the strategic direction. This step not only aligns with TOGAF best practices but also helps in building stakeholder buy-in and trust.

Architecture Requirements Specification and Risk Management:Risk management is a key aspect of TOGAF’s ADM, particularly in the Requirements Management and Implementation Governance phases. Documenting the requirements for addressing specific risks in the Architecture Requirements Specification provides a structured way to ensure that identified risks are acknowledged and managed throughout the transformation. Regular assessments and feedback loops ensure ongoing alignment and adaptability to emerging risks, which is particularly important given the dynamic nature of AI and its associated challenges.

Alignment with TOGAF ADM Phases:This approach follows the prescribed flow of TOGAF’s ADM, starting with stakeholder engagement in the Preliminary and Architecture Vision phases and progressing to risk assessment in the Requirements Management phase. By maintaining afocus on stakeholder needs and formalizing these into architecture requirements, the EA team can ensure that the architecture not only meets business objectives but also mitigates stakeholder concerns.

TOGAF Reference on Stakeholder Management Techniques:TOGAF places significant emphasis on managing stakeholder concerns through its stakeholder management techniques, which highlight the need to systematically identify, analyze, and address the concerns of all involved parties. This practice helps ensure that the architecture is viable and accepted across the organization.

By conducting a thorough stakeholder analysis and integrating the findings into both the Architecture Vision and the Architecture Requirements Specification, the EA team can proactively address stakeholder concerns, manage risks, and align the AI-first initiative with the agency’s strategic objectives. This approach is consistent with TOGAF’s guidance and provides a structured framework for addressing both business and technical challenges in the context of an AI-first transformation.