Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 28

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2941

Question

Which of the following has the GREATEST influence on the success of IT governance?

A. IT strategy is embedded in all risk management processes
B. Alignment of IT strategies with the entity’s vision
C. The CIO is a member of the audit committee
D. Clear, concise, and enforced IS policies

Answer

B. Alignment of IT strategies with the entity’s vision

CISA Question 2942

Question

Which of the following would provide management with the MOST reasonable assurance that a new data warehouse will meet the needs of the organization?

A. Appointing data stewards to provide effective data governance
B. Classifying data quality issues by the severity of their impact to the organization
C. Integrating data requirements into the system development life cycle (SDLC)
D. Facilitating effective communication between management and developers

Answer

A. Appointing data stewards to provide effective data governance

CISA Question 2943

Question

An organization plans to allow third parties to collect customer personal data from a retail loyalty platform via an application programming interface (API). Which of the following should be the PRIMARY consideration when designing this API?

A. Data governance policies
B. System resilience
C. Regulatory compliance
D. Data availability

Answer

C. Regulatory compliance

CISA Question 2944

Question

An organization recently implemented an industry-recognized IT framework to improve the overall effectiveness of IT governance. Which of the following would BEST enable an IS auditor to access the implementation against the framework?

A. Capability maturity model
B. Key risk indicators (KRIs)
C. Industry benchmarking
D. Balanced scorecard

Answer

A. Capability maturity model

CISA Question 2945

Question

Which of the following observations should be of GREATEST concern to an IS auditor performing a review of an organization’s IT governance structure?

A. The chief risk officer is also the chief information officer.
B. The chief information officer is prohibited from making capital decisions regarding IT.
C. The IT steering committee has oversight of the IT budget.
D. There are no IT subject matter expects on the board of directors.

Answer

A. The chief risk officer is also the chief information officer.

CISA Question 2946

Question

Which of the following is the GREATEST advantage of using a framework to guide an organization’s governance of IT?

A. It enables consistency when making strategic IT investments across the organization.
B. It enables better management of the annual IT budget provided by the board of directors.
C. It enables improvements to the security of high-risk systems in the organization.
D. It enables the achievement of service levels between IT and true business departments.

Answer

A. It enables consistency when making strategic IT investments across the organization.

CISA Question 2947

Question

When preparing to evaluate the effectiveness of an organization’s IT strategy, an IS auditor should FIRST review:

A. information security procedures.
B. the IT governance framework.
C. the most recent audit results.
D. IT processes and procedures.

Answer

B. the IT governance framework.

CISA Question 2948

Question

The BEST method an organization can employ to align its business continuity plan (BCP) and disaster recovery plan (DRP) with core business needs is to:

A. execute periodic walk-throughs of the plans.
B. update the business impact analysis (BIA) for significant business changes.
C. outsource the maintenance of the BCP and DRP to a third party.
D. include BCP and DRP responsibilities as a part of new employee training.

Answer

B. update the business impact analysis (BIA) for significant business changes.

CISA Question 2949

Question

While reviewing an organization’s business continuity plan (BCP), an IS auditor observes that a recently developed application is not included. The IS auditor should:

A. ensure that the criticality of the application is determined.
B. ignore the observation as the application is not mission critical.
C. include in the audit findings that the BCP is incomplete.
D. recommend that the application be incorporated in the BCP.

Answer

A. ensure that the criticality of the application is determined.

CISA Question 2950

Question

When reviewing business continuity plan (BCP) test results, it is MOST important for the IS auditor to determine whether the test:

A. verifies the ability to resume key business operations.
B. considers changes to the systems environment.
C. assesses the capability to retrieve vital records.
D. follows up on activities that occurred since the previous test.

Answer

A. verifies the ability to resume key business operations.

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.