
ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 15

The latest ISACA CISA (Certified Information Systems Auditor) practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1541

Question

When planning an audit, it is acceptable for an IS auditor to rely on a third-party provider’s external audit report on service level management when the:

A. report was released within the last 12 months.
B. scope and methodology meet audit requirements.
C. service provider is independently certified and accredited.
D. report confirms that service levels were not violated.

Answer

A. report was released within the last 12 months.

CISA Question 1542

Question

An organization has implemented a control to help ensure databases containing personal information will not be updated with online transactions that are incomplete due to connectivity issues. Which of the following information attributes is PRIMARILY addressed by this control?

A. Integrity
B. Confidentiality
C. Availability
D. Compliance

Answer

A. Integrity

CISA Question 1543

Question

The business case for an IS project has changed during the course of the project due to new requirements being added. What should be done NEXT?

A. The project should go through the formal reapproval process.
B. The changes to the business case should be documented in the project plan.
C. Additional resources should be allocated to the project due to the new requirements.
D. Project stakeholders should be notified of the changes.

Answer

D. Project stakeholders should be notified of the changes.

CISA Question 1544

Question

Which of the following should be the GREATEST concern to an IS auditor reviewing the information security framework of an organization?

A. The information security policy has not been updated in the last two years.
B. A list of critical information assets was not included in the information security policy.
C. Senior management was not involved in the development of the information security policy.
D. The information security policy is not aligned with regulatory requirements.

Answer

B. A list of critical information assets was not included in the information security policy.

CISA Question 1545

Question

Which of the following would BEST assist senior management in evaluating IT performance as well as the alignment between corporate and IT strategic objectives?

A. Enterprise architecture (EA)
B. IT project value analysis
C. Balanced scorecard
D. Control self-assessment (CSA)

Answer

C. Balanced scorecard

CISA Question 1546

Question

An organization with many desktop PCs is considering moving to a thin client architecture. Which of the following is the MAJOR advantage?

A. Administrative security can be provided for the client.
B. System administration can be better managed.
C. The security of the desktop PC is enhanced.
D. Desktop application software will never have to be upgraded.

Answer

D. Desktop application software will never have to be upgraded.

CISA Question 1547

Question

Which of the following is the MOST important issue for an IS auditor to consider with regard to Voice-over IP (VoIP) communications?

A. Continuity of service
B. Homogeneity of the network
C. Nonrepudiation
D. Identity management

Answer

D. Identity management

CISA Question 1548

Question

An IS auditor considering use of another auditor’s workpapers should:

A. rarely rely on the work of another auditor.
B. determine that the workpapers were completed within the past month.
C. determine that the auditee agrees with key issues in these workpapers.
D. consider the appropriateness and sufficiency of the workpapers.

Answer

C. determine that the auditee agrees with key issues in these workpapers.

CISA Question 1549

Question

Which of the following access rights in the production environment should be granted to a developer to maintain segregation of duties?

A. Database administration
B. Emergency support
C. IT operations
D. System administration

Answer

B. Emergency support

CISA Question 1550

Question

During an enterprise resource planning (ERP) post-implementation review, it was noted that operating costs have been significantly higher than anticipated. Which of the following should the organization have done to detect this issue?

A. Updated the project charter as major changes occurred
B. Conducted periodic user satisfaction surveys
C. Performed an analysis of system usage
D. Monitored financial key performance indicators (KPIs)

Answer

D. Monitored financial key performance indicators (KPIs)