The latest ISACA CISA (Certified Information Systems Auditor) actual practice exam question-and-answer (Q&A) dumps are available for free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2521
Question
Following the last external review, the audit client implemented an advanced data storage solution. Which of the following is MOST important in the audit scope?
A. Reviewing the implemented storage options and architectures for critical applications
B. Reviewing procedures to ensure administrators are managing data storage appropriately
C. Determining whether management has adequate off-site storage of operational procedures and manuals
D. Ensuring management has completed a cost-benefit analysis and documented results
Answer
B. Reviewing procedures to ensure administrators are managing data storage appropriately
CISA Question 2522
Question
Which of the following is the BEST indicator that executive management monitors the implementation of the IT strategy?
A. IT topics are regular items on the executive committee agenda
B. IS audit is required to audit large IT investments
C. Executive management subscribes to IT industry publications
D. Executive management receives reports on IT resource usage
Answer
A. IT topics are regular items on the executive committee agenda
CISA Question 2523
Question
An organization’s only IS auditor is asked to design controls for a new system and is also scheduled to audit the system after implementation.
Which of the following is the BEST action for the auditor?
A. Decline to undertake the design role because of the conflict of interest.
B. Respond positively to the request because there is no conflict of interest.
C. Request external audit to perform an independent review of the advice to be provided.
D. Inform the audit committee of the conflict of interest.
Answer
D. Inform the audit committee of the conflict of interest.
CISA Question 2524
Question
Management has requested a post-implementation review of a newly implemented purchasing package to determine to what extent business requirements are being met. Which of the following is MOST likely to be assessed?
A. Results of live processing
B. Test results
C. Purchasing guidelines and policies
D. Implementation methodology
Answer
C. Purchasing guidelines and policies
CISA Question 2525
Question
Which of the following would MOST likely lead an organization to consider implementing an IT quality assurance (QA) program?
A. Decrease in stakeholder satisfaction with IT projects
B. Increase in the use of non-standard IT infrastructure
C. Increase in cyber intrusions across the organization
D. Overspend of IT budgets in various IT projects
Answer
A. Decrease in stakeholder satisfaction with IT projects
CISA Question 2526
Question
Who is PRIMARILY responsible for data integrity and security when implementing a new application?
A. Application end users
B. Project manager
C. Data custodian
D. Data owner
Answer
D. Data owner
CISA Question 2527
Question
When participating as a member of a system development team, the IS auditor should be aware that:
A. as a control specialist, the auditor can provide significant value to the project team by making the final decision on specific controls.
B. the auditor’s ability to perform an independent evaluation of the application after implementation will be impaired.
C. for ongoing evaluation capability, the auditor should ensure that computer audit software is implemented in all applications.
D. the auditor should sign a statement of independence prior to participating in the project team.
Answer
B. the auditor’s ability to perform an independent evaluation of the application after implementation will be impaired.
CISA Question 2528
Question
An organization has contracted with a third party to implement and configure a new accounting application. Once the application is implemented, in-house staff will provide all application support and maintenance. Which of the following is MOST important to the success of this initiative?
A. Documenting an implementation plan
B. Establishing a knowledge transfer plan
C. Conducting a post-implementation review
D. Ensuring the third party completed testing
Answer
A. Documenting an implementation plan
CISA Question 2529
Question
Which of the following risk management activities is MOST important to complete before implementing an enterprise resource planning (ERP) system?
A. Optimize business process designs.
B. Validate compliance with applicable local financial regulations.
C. Define the organization’s control objectives.
D. Appoint an independent risk advisory firm to provide support.
Answer
B. Validate compliance with applicable local financial regulations.
CISA Question 2530
Question
For an organization that has plans to implement web-based trading, it would be MOST important for an IS auditor to verify the organization’s information security plan includes:
A. security training prior to implementation.
B. security requirements for the new application.
C. attributes for system passwords.
D. the firewall configuration for the web server.
Answer
A. security training prior to implementation.