Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 24

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2521

Question

Following the last external review, the audit client implemented an advanced data storage solution. Which of the following is MOST important in the audit scope?

A. Reviewing the implemented storage options and architectures for critical applications
B. Reviewing procedures to ensure administrators are managing data storage appropriately
C. Determining whether management has adequate off-site storage of operational procedures and manuals
D. Ensuring management has completed a cost-benefit analysis and documented results

Answer

B. Reviewing procedures to ensure administrators are managing data storage appropriately

CISA Question 2522

Question

Which of the following is the BEST indicator that executive management monitors the implementation of the IT strategy?

A. IT topics are regular items on the executive committee agenda
B. IS audit is required to audit large IT investments
C. Executive management subscribes to IT industry publications
D. Executive management receives reports on IT resource usage

Answer

A. IT topics are regular items on the executive committee agenda

CISA Question 2523

Question

An organization’s only IS auditor is asked to design controls for a new system and is also scheduled to audit the system after implementation.
Which of the following is the BEST action for the auditor?

A. Decline to undertake the design role because of the conflict of interest.
B. Respond positively to the request because there is no conflict of interest.
C. Request external audit to perform an independent review of the advice to be provided.
D. Inform the audit committee of the conflict of interest.

Answer

D. Inform the audit committee of the conflict of interest.

CISA Question 2524

Question

Management has requested a post-implementation review of a newly implemented purchasing package to determine to what extent business requirements are being met. Which of the following is MOST likely to be assessed?

A. Results of live processing
B. Test results
C. Purchasing guidelines and policies
D. Implementation methodology

Answer

C. Purchasing guidelines and policies

CISA Question 2525

Question

Which of the following would MOST likely lead an organization to consider implementing an IT quality assurance (QA) program?

A. Decrease in stakeholder satisfaction with IT projects
B. Increase in the use of non-standard IT infrastructure
C. Increase in cyber intrusions across the organization
D. Overspend of IT budgets in various IT projects

Answer

A. Decrease in stakeholder satisfaction with IT projects

CISA Question 2526

Question

Who is PRIMARILY responsible for data integrity and security when implementing a new application?

A. Application end users
B. Project manager
C. Data custodian
D. Data owner

Answer

D. Data owner

CISA Question 2527

Question

When participating as a member of a system development team, the IS auditor should be aware that:

A. as a control specialist, the auditor can provide significant value to the project team by making the final decision on specific controls.
B. the auditor’s ability to perform an independent evaluation of the application after implementation will be impaired.
C. for ongoing evaluation capability, the auditor should ensure that computer audit software is implemented in all applications.
D. the auditor should sign a statement of independence prior to participating in the project team.

Answer

B. the auditor’s ability to perform an independent evaluation of the application after implementation will be impaired.

CISA Question 2528

Question

An organization has contracted with a third party to implement and configure a new accounting application. Once the application is implemented, in-house staff will provide all application support and maintenance. Which of the following is MOST important to the success of this initiative?

A. Documenting an implementation plan
B. Establishing a knowledge transfer plan
C. Conducting a post-implementation review
D. Ensuring the third party completed testing

Answer

A. Documenting an implementation plan

CISA Question 2529

Question

Which of the following risk management activities is MOST important to complete before implementing an enterprise resource planning (ERP) system?

A. Optimize business process designs.
B. Validate compliance with applicable local financial regulations.
C. Define the organization’s control objectives.
D. Appoint an independent risk advisory firm to provide support.

Answer

B. Validate compliance with applicable local financial regulations.

CISA Question 2530

Question

For an organization that has plans to implement web-based trading, it would be MOST important for an IS auditor to verify the organization’s information security plan includes:

A. security training prior to implementation.
B. security requirements for the new application.
C. attributes for system passwords.
D. the firewall configuration for the web server.

Answer

A. security training prior to implementation.

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker