Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 27

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2841

Question

An organization seeks to control costs related to storage media throughout the information life cycle while still meeting business and regulatory requirements.
Which of the following is the BEST way to achieve this objective?

A. Utilize solid state memory.
B. Implement a data retention policy.
C. Perform periodic tape backups.
D. Stream backups to the cloud.

Answer

B. Implement a data retention policy.

CISA Question 2842

Question

The implementation of an IT governance framework requires that the board of directors of an organization:

A. approve the IT strategy.
B. be informed of all IT initiatives.
C. have an IT strategy committee.
D. address technical IT issues.

Answer

A. approve the IT strategy.

CISA Question 2843

Question

Which of the following is the MOST important to have in place to build consensus among key stakeholders on the cost-effectiveness of IT?

A. Standardized enterprise architecture (EA)
B. A uniform IT chargeback process
C. IT project governance and management
D. IT performance monitoring and reporting

Answer

C. IT project governance and management

CISA Question 2844

Question

During an exit interview, senior management disagrees with some of the facts presented in the draft audit report and wants them removed from the report. Which of the following would be the auditor’s BEST course of action?

A. Revise the assessment based on senior management’s objections
B. Gather evidence to analyze senior management’s objections.
C. Escalate the issue to audit management.
D. Finalize the draft audit report without changes.

Answer

A. Revise the assessment based on senior management’s objections

CISA Question 2845

Question

Of the following, who should approve a release to a critical application that would make the application inaccessible for 24 hours?

A. Business process owner
B. Chief information security officer (CISO)
C. Data custodian
D. Project manager

Answer

D. Project manager

CISA Question 2846

Question

What is the MOST critical finding when reviewing an organization’s information security management?

A. No periodic assessments to identify threats and vulnerabilities
B. No dedicated security officer
C. No official charter for the information security management system
D. No employee awareness training and education program

Answer

C. No official charter for the information security management system

CISA Question 2847

Question

Which of the following is the PRIMARY benefit of using a capability maturity model?

A. It provides detailed change management strategies for performance improvement.
B. It helps the organization develop a roadmap toward its desired level of maturity in each area.
C. It provides a way to compare against similar organizations’ maturity levels.
D. It helps the organization estimate how long it will take to reach the highest level of maturity in each area.

Answer

C. It provides a way to compare against similar organizations’ maturity levels.

CISA Question 2848

Question

An IS auditor conducting a follow-up audit learns that previously funded recommendations have not been implemented due to recent budget restrictions. Which of the following should the auditor do NEXT?

A. Report to the audit committee that the recommendations are still open.
B. Report the matter to the chief financial officer (CFO) and recommend funding be reinstated.
C. Close the audit recommendations in the tracking register.
D. Start an audit of the project funding allocation process.

Answer

D. Start an audit of the project funding allocation process.

CISA Question 2849

Question

When evaluating database management practices, which of the following controls would MOST effectively support data integrity?

A. System processing output balanced to control totals
B. System edit checks
C. User access controls
D. System-generated duplicate transaction reports

Answer

B. System edit checks

CISA Question 2850

Question

Which of the following would BEST help prioritize various projects in an organization’s IT portfolio?

A. Business cases
B. Total cost of ownership (TCO)
C. Industry trends
D. Enterprise architecture (EA)

Answer

D. Enterprise architecture (EA)

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.