Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 24

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2581

Question

An organization has implemented an automated match between purchase orders, goods receipts, and invoices. Which of the following risks will this control BEST mitigate?

A. Customer discounts not being applied
B. A legitimate transaction being paid multiple times
C. Invalid payments being processed by the system
D. Delay of purchase orders

Answer

C. Invalid payments being processed by the system

CISA Question 2582

Question

The MOST significant reason for using key performance indicators (KPIs) to track the progress of IT projects against initial targets is that they:

A. influence management decisions to outsource IT projects
B. identify which projects may require additional funding
C. provide timely indication of when corrective actions need to be taken
D. identify instances where increased stakeholder engagement is required

Answer

D. identify instances where increased stakeholder engagement is required

CISA Question 2583

Question

The PRIMARY objective of conducting a post-implementation review is to:

A. determine if project management methodology was applied consistently
B. verify that the information system meets the intended objectives
C. determine if testing documentation was sufficient
D. allow employees to provide feedback on the information system

Answer

B. verify that the information system meets the intended objectives

CISA Question 2584

Question

A month after a company purchased and implemented system and performance monitoring software, reports were too large and therefore were not reviewed or acted upon. The MOST effective plan of action would be to:

A. use analytical tools to produce exception reports from the system and performance monitoring software
B. re-install the system and performance monitoring software
C. evaluate replacement systems and performance monitoring software
D. restrict functionality of system monitoring software to security-related events

Answer

A. use analytical tools to produce exception reports from the system and performance monitoring software

CISA Question 2585

Question

An organization is replacing a mission-critical system. Which of the following is the BEST implementation strategy to mitigate and reduce the risk
of system failure?

A. Stage
B. Phase
C. Parallel
D. Big-bang

Answer

C. Parallel

CISA Question 2586

Question

Which of the following BEST describes a common risk in implementing a new application software package?

A. Parameter settings are incorrect
B. Transaction volume is excessive
C. Sensitivity of transactions is high
D. The application lacks audit trails

Answer

D. The application lacks audit trails

CISA Question 2587

Question

An organization has replaced all of the storage devices at its primary data center with new, higher capacity units. The replaced devices have been installed at the disaster recovery site to replace older units. An IS auditor’s PRIMARY concern would be whether:

A. the procurement was in accordance with corporate policies and procedures
B. the relocation plan has been communicated to all concerned parties
C. a hardware maintenance contract is in place for both old and new storage devices
D. the recovery site devices can handle the storage requirements

Answer

A. the procurement was in accordance with corporate policies and procedures

CISA Question 2588

Question

A manufacturing company is implementing application software for its sales and distribution system. Which of the following is the MOST important reason for the company choose a centralized online database?

A. Enhanced data redundancy
B. Elimination of multiple points of failure
C. Elimination of the need for data normalization
D. Enhanced integrity controls

Answer

D. Enhanced integrity controls

CISA Question 2589

Question

In a RACI model, which of the following roles must be assigned to only one individual?

A. Responsible
B. Informed
C. Consulted
D. Accountable

Answer

D. Accountable

CISA Question 2590

Question

A disaster recovery plan (DRP) should include steps for:

A. assessing and quantifying risk.
B. negotiating contracts with disaster planning consultants.
C. obtaining replacement supplies.
D. identifying application control requirements.

Answer

A. assessing and quantifying risk.

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker