Which of the following is considered a primary goal of effective information technology (IT) governance?

a. Mitigating IT-related risks
b. Identifying appropriate IT opportunities
c. Ensuring smooth induction of IT in an organization
d. Complying with section 504 of the Sarbanes-Oxley Act

a. Mitigating IT-related risks
The two primary goals of effective information technology (IT) governance are ensuring that an organization achieves good value from its investments in IT and mitigating IT-related risks.Achieving good value from IT investmentsrequires a close alignment between business objectives and IT initiatives.Mitigating IT-related risks means embedding accountability and internal controls inthe organization.