
ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 28

The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2901

Question

An IS auditor is performing a business continuity plan (BCP) audit and identifies that the plan has not been tested for five years. However, the plan was successfully activated during a recent extended power outage. Which of the following is the IS auditor’s BEST course of action?

A. Determine if lessons learned from the activation were incorporated into the plan.
B. Determine if the business impact analysis (BIA) is still accurate.
C. Determine if a follow-up BCP audit is required to identify future gaps.
D. Determine if the annual BCP training program is in need of a review.

Answer

C. Determine if a follow-up BCP audit is required to identify future gaps.

CISA Question 2902

Question

An organization wants to test business continuity using a scenario in which there are many remote workers trying to access production data at the same time.
Which of the following is the BEST testing method in this situation?

A. Application failover testing.
B. Network stress testing.
C. Alternate site testing.
D. Network penetration testing.

Answer

B. Network stress testing.

CISA Question 2903

Question

Which of the following is MOST important to include in a business continuity plan (BCP)?

A. Vendor contact information
B. Documentation of critical systems
C. Documentation of data center floor plans
D. Backup site location information

Answer

B. Documentation of critical systems

CISA Question 2904

Question

In an environment where most IT services have been outsourced, continuity planning is BEST controlled by:

A. outsourced service provider management.
B. business management.
C. continuity planning specialists.
D. IT management.

Answer

C. continuity planning specialists.

CISA Question 2905

Question

The MAJOR reason for replacing checks with electronic funds transfer (EFT) systems in the accounts payable area is to:

A. increase organizational credibility.
B. decrease the risk of unauthorized changes to payment transactions.
C. decrease the number of paper-based payment forms.
D. increase the efficiency of the payment process.

Answer

D. increase the efficiency of the payment process.

CISA Question 2906

Question

Which of the following would BEST facilitate the successful implementation of an IT-related framework?

A. Aligning the framework to industry best practices
B. Involving appropriate business representation within the framework
C. Establishing committees to support and oversee framework activities
D. Documenting IT-related policies and procedures

Answer

B. Involving appropriate business representation within the framework

CISA Question 2907

Question

An organization has outsourced its data processing function to a service provider. Which of the following would BEST determine whether the service provider continues to meet the organization’s objectives?

A. Periodic audits of controls by an independent auditor
B. Adequacy of the service provider’s insurance
C. Assessment of the personnel training processes of the provider
D. Review of performance against service level agreements (SLAs)

Answer

A. Periodic audits of controls by an independent auditor

CISA Question 2908

Question

During an investigation of transactions in a core banking system, fraudulent transactions are discovered that will require the involvement of law enforcement.
Which of the following should be done FIRST?

A. Ensure evidence is preserved.
B. Initiate incident response procedures.
C. Evaluate the business impact.
D. Notify internal audit management.

Answer

B. Initiate incident response procedures.

CISA Question 2909

Question

What is the BEST way to control updates to the vendor master file in an accounts payable system?

A. Using prenumbered and authorized request forms
B. Having only one person updating the master file
C. Periodically reviewing the entire vendor master file
D. Comparing updates against authorization

Answer

A. Using prenumbered and authorized request forms

CISA Question 2910

Question

The IS department is evaluated monthly on its cost-revenue ratio, user satisfaction rate, and computer downtime. This can BEST be characterized as an application of:

A. control self-assessment (CSA).
B. balanced scorecard.
C. value chain analysis.
D. risk control framework.

Answer

B. balanced scorecard.
