The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free and can help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2751
Question
The PRIMARY reason for allocating sufficient time between the "go-live" phase of a new system and conducting a post-implementation review is to:
A. update project requirements and design documentation
B. increase availability of system implementation team resources
C. allow the system to stabilize in production
D. obtain sign-off on the scope of post-implementation review
Answer
C. allow the system to stabilize in production
CISA Question 2752
Question
Which of the following would BEST demonstrate that an effective disaster recovery plan (DRP) is in place?
A. Periodic risk assessment
B. Full operational test
C. Frequent testing of backups
D. Annual walk-through testing
Answer
B. Full operational test
CISA Question 2753
Question
Which of the following MUST be included in emergency change control procedures?
A. Obtaining user management approval before implementing the changes
B. Updating production source libraries to reflect the changes
C. Using an emergency ID to move production programs into development
D. Requesting that the help desk makes the changes
Answer
A. Obtaining user management approval before implementing the changes
CISA Question 2754
Question
To develop meaningful recommendations for findings, which of the following is MOST important for an IS auditor to determine and understand?
A. Criteria
B. Responsible party
C. Impact
D. Root cause
Answer
C. Impact
CISA Question 2755
Question
During development of an information security policy, which of the following would BEST ensure alignment to business objectives?
A. Incorporation of industry best practices
B. Linkage between policy and procedures
C. Use of a balanced scorecard
D. Input from relevant stakeholders
Answer
C. Use of a balanced scorecard
CISA Question 2756
Question
A company is using a software developer for a project. At which of the following points should the software quality assurance (QA) plan be developed?
A. As part of software definition
B. During the feasibility phase
C. Prior to acceptance testing
D. As part of the design phase
Answer
D. As part of the design phase
CISA Question 2757
Question
The GREATEST benefit of using a prototyping approach in software development is that it helps to:
A. decrease the time allocated for user testing and review
B. minimize scope changes to the system
C. conceptualize and clarify requirements
D. improve efficiency of quality assurance (QA) testing
Answer
C. conceptualize and clarify requirements
CISA Question 2758
Question
Which of the following would create the GREATEST risk when migrating a critical legacy system to a new system?
A. Using agile development methodology
B. Following a phased approach
C. Following a direct cut-over approach
D. Maintaining parallel systems
Answer
C. Following a direct cut-over approach
CISA Question 2759
Question
An IT management group has developed a standardized security control checklist and distributed it to the control self-assessors in each organizational unit. Which of the following is the GREATEST risk in this approach?
A. Delayed feedback may increase exposures
B. Over time the checklist may become outdated
C. Assessors may manipulate the results
D. Business-specific vulnerabilities may be overlooked
Answer
D. Business-specific vulnerabilities may be overlooked
CISA Question 2760
Question
Hamid needs to shift users from using the application on the existing (old) system to the replacing (new) system. His manager Lily has suggested he use an approach in which the newer system is changed over from the older system on a cutoff date and time and the older system is discontinued once the changeover to the new system takes place. Which of the following changeover approaches is suggested by Lily?
A. Parallel changeover
B. Phased changeover
C. Abrupt changeover
D. Pilot changeover
Answer
C. Abrupt changeover
Explanation
In the abrupt changeover approach, the newer system is changed over from the older system on a cutoff date and time, and the older system is discontinued once changeover to the new system takes place.
Changeover refers to an approach to shift users from using the application on the existing (old) system to the replacing (new) system.
Changeover to the newer system involves four major steps or activities:
- Conversion of files and programs; test running on a test bed
- Installation of new hardware, operating system, application system and the migrated data
- Training employees or users in groups
- Scheduling operations and test running for go-live or changeover
Some of the risk areas related to changeover include:
- Asset safeguarding
- Data integrity
- System effectiveness
- Change management challenges
- Duplicate or missing records
The following were incorrect answers:
Parallel changeover – This technique includes running the old system, then running both the old and new systems in parallel, and finally fully changing over to the new system after gaining confidence in the working of the new system.
Phased changeover – In this approach the older system is broken into deliverable modules. Initially, the first module of the older system is phased out using the first module of the newer system. Then, the second module of the older system is phased out using the second module of the newer system, and so forth until reaching the last module.
Pilot changeover – Not a valid changeover type.