The latest ISACA CISA (Certified Information Systems Auditor) practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2211
Question
Which of the following is the PRIMARY objective of baselining the IT control environment?
A. Define process and control ownership.
B. Ensure IT security strategy and policies are effective.
C. Align IT strategy with business strategy.
D. Detect control deviations.
Answer
D. Detect control deviations.
CISA Question 2212
Question
Which of the following should be the MOST important consideration in IT portfolio management?
A. Aligning IT portfolio processes with corporate objectives
B. Selecting IT investment projects that align with corporate strategy
C. Increasing the budget and resources allocated for IT investments
D. Determining the opportunity cost of IT investment projects
Answer
A. Aligning IT portfolio processes with corporate objectives
CISA Question 2213
Question
Which of the following BEST helps to ensure that all relevant data within an organization is added to a data warehouse during deployment?
A. Data migration
B. Architecture review
C. Project planning
D. Data mining
Answer
A. Data migration
CISA Question 2214
Question
Which of the following IT service management activities is MOST likely to help with identifying the root cause of repeated instances of network latency?
A. Incident management
B. Problem management
C. Change management
D. Configuration management
Answer
B. Problem management
CISA Question 2215
Question
Which of the following indicates the HIGHEST level of maturity for an organization’s information systems internal control environment?
A. Controls are regularly evaluated using a formally documented process.
B. Controls are adequately documented and control exceptions are captured.
C. The operation of controls depends on employee knowledge.
D. Operational effectiveness is evaluated upon management request.
Answer
A. Controls are regularly evaluated using a formally documented process.
CISA Question 2216
Question
Which of the following would MOST effectively detect a condition where an employee assigned to an operations role could perform system administrator functions?
A. User access review
B. System review
C. Business process review
D. Entitlement design review
Answer
A. User access review
CISA Question 2217
Question
Which of the following is the BEST way to detect potentially fraudulent purchases where an employee can approve a receipt of an item or service that the employee also procured?
A. Require staff training on entering purchase orders into the enterprise resource planning (ERP) system.
B. Require receipts to be entered against purchase orders by someone other than the buyer.
C. Require that invoices can only be paid when matched with purchase orders.
D. Require purchase orders to originate from the same individual with designated authority.
Answer
C. Require that invoices can only be paid when matched with purchase orders.
CISA Question 2218
Question
Which of the following BEST provides audit management with a view of potential performance improvements within the organization’s IS audit function?
A. Post-audit quality reviews
B. Auditor independence checklists
C. Auditor performance reviews
D. Quality management policies
Answer
A. Post-audit quality reviews
CISA Question 2219
Question
Which of the following is the PRIMARY responsibility of an organization’s IT steering committee?
A. Reporting on key performance measures
B. Communicating strategic goals to IT project teams
C. Conducting peer reviews of other organizations
D. Identifying new technological threats
Answer
B. Communicating strategic goals to IT project teams
CISA Question 2220
Question
Which of the following BEST facilitates the ability to efficiently allocate time, effort, and resources to address security incidents?
A. Incident classification
B. Incident definition
C. Incident escalation
D. Incident monitoring
Answer
A. Incident classification