Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 25

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2611

Question

An IS audit had identified that default passwords for a newly implemented application were not changed. During the follow-up audit, which of the following would provide the BEST evidence that the finding was effectively addressed?

A. Written confirmation from management that the passwords were changed
B. Screenshots of system parameters requiring password changes on next login
C. Application log files that record the password changes
D. System-generated emails requiring application users to change passwords

Answer

C. Application log files that record the password changes

CISA Question 2612

Question

An IS auditor is asked to provide feedback on the systems options analysis for a new project. The BEST course of action for the IS auditor would be to:

A. identify the best alternative.
B. request at least one other alternative.
C. comment on the criteria used to assess the alternatives.
D. retain comments as findings for the audit report.

Answer

C. comment on the criteria used to assess the alternatives.

CISA Question 2613

Question

Of the following, who should authorize a project management team’s request to take a mission-critical application offline to implement a new release and configuration?

A. Chief information security officer (CISO)
B. Project manager
C. Application administrator
D. Business process owner

Answer

D. Business process owner

CISA Question 2614

Question

An IS auditor was involved in the design phase for a new system’s security architecture. For the planned post-implementation audit, which of the following would be the MOST appropriate course of action for the auditor?

A. Have another auditor review the security architecture.
B. Disclose the independence issues in the audit report.
C. Change the audit scope to exclude security architecture.
D. Postpone the post-implementation audit to a later date.

Answer

A. Have another auditor review the security architecture.

CISA Question 2615

Question

Which of the following is MOST important for the successful completion of a new application system?

A. Appropriate training of system analysts
B. Steering committee approval of the new system
C. Completion of a positive cost-benefit analysis
D. User participation in the project development

Answer

B. Steering committee approval of the new system

CISA Question 2616

Question

Which of the following is the BEST way to help ensure new IT implementations align with enterprise architecture principles and requirements?

A. Conduct enterprise architecture reviews as part of the change advisory board.
B. Consider stakeholder concerns when defining the enterprise architecture.
C. Document the security view as part of the enterprise architecture.
D. Perform mandatory post-implementation reviews of IT implementations

Answer

D. Perform mandatory post-implementation reviews of IT implementations

CISA Question 2617

Question

As part of a quality assurance initiative, an organization has engaged an external auditor to evaluate the internal IS audit function. Which of the following observations should be of MOST concern?

A. Audit reports are not approved by the audit committee.
B. Audit reports do not state they are conducted in accordance with industry standards.
C. The audit team is not sufficiently leveraging data analytics.
D. Audit engagements are not risk-based.

Answer

B. Audit reports do not state they are conducted in accordance with industry standards.

CISA Question 2618

Question

When designing a data analytics process, which of the following should be the stakeholder’s role in automating data extraction and validation?

A. Performing the business case analysis for the data analytics initiative
B. Indicating which data elements are necessary to make informed decisions
C. Designing the workflow necessary for the data analytics tool to evaluate the appropriate data
D. Allocating the resources necessary to purchase the appropriate software packages

Answer

B. Indicating which data elements are necessary to make informed decisions

CISA Question 2619

Question

Which of the following BEST supports an organization’s planning efforts for investments in IT initiatives?

A. Capability maturity model
B. Enterprise architecture
C. Agile project management
D. Continuous gap assessment

Answer

B. Enterprise architecture

CISA Question 2620

Question

When initiating an IT project, which of the following should be completed FIRST?

A. Project plan
B. Request for proposal
C. Feasibility study
D. Requirements definition

Answer

C. Feasibility study

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker