Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 29

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 3031

Question

To address the issue that performance pressures on IT may conflict with information security controls, it is MOST important that:

A. the security policy is changed to accommodate IT performance pressure
B. noncompliance issues are reported senior management
C. senior management provides guidance and dispute resolution
D. information security management understands business performance issues

Answer

D. information security management understands business performance issues

CISA Question 3032

Question

A policy has been established requiring users to install mobile device management (MDM) software on their personal devices. Which of the following would BEST mitigate the risk created by noncompliance with this policy?

A. Issuing warnings and documenting noncompliance
B. Disabling remote access from the mobile device
C. Issuing company-configured mobile devices
D. Requiring users to sign-off on terms and conditions

Answer

B. Disabling remote access from the mobile device

CISA Question 3033

Question

An information security team has discovered that users are sharing a login account to an application with sensitive information, in violation of the access policy.
Business management indicates that the practice creates operational efficiencies. The information security manager’s BEST course of action should be to:

A. modify the policy
B. present the risk to senior management
C. enforce the policy
D. create an exception for the deviation

Answer

B. present the risk to senior management

CISA Question 3034

Question

An objective of capacity management is to ensure that:

A. organizational resources are used efficiently.
B. available resources are fully utilized.
C. new resources are allocated for new applications.
D. resource utilization does not drop below 85%.

Answer

A. organizational resources are used efficiently.

CISA Question 3035

Question

An information systems security officer’s PRIMARY responsibility for business process applications is to:

A. create role-based rules for each business process.
B. ensure access rules agree with policies.
C. authorize secured emergency access.
D. approve the organization’s security policy.

Answer

B. ensure access rules agree with policies.

CISA Question 3036

Question

Which of the following methods would BEST ensure that IT strategy is in line with business strategy?

A. Break-even analysis
B. Value analysis
C. Critical path analysis
D. Business impact analysis (BIA)

Answer

B. Value analysis

CISA Question 3037

Question

An external audit team is deciding whether to rely on internal audit’s work for an annual compliance audit. Which of the following is the GREATEST consideration when making this decision?

A. Independence of the internal audit department from management’s influence
B. Professional certifications held by the internal audit team members
C. Years of experience each of the internal auditors have in performing compliance audits
D. The level of documentation maintained by internal audit and the methods used to collect evidence

Answer

A. Independence of the internal audit department from management’s influence

CISA Question 3038

Question

What is the BEST method to determine if IT resource spending is aligned with planned project spending?

A. Earned value analysis (EVA)
B. Gantt chart
C. Return on investment (ROI) analysis
D. Critical path analysis

Answer

A. Earned value analysis (EVA)

CISA Question 3039

Question

Which of the following is the BEST key performance indicator (KPI) for determining how well the IT policy is aligned to the business requirements?

A. Number of approved exceptions to the policy
B. Total cost of policy breaches
C. Total cost to support the policy
D. Number of inquiries regarding the policy

Answer

A. Number of approved exceptions to the policy

CISA Question 3040

Question

Communicating which of the following would BEST encourage management to initiate appropriate actions following the receipt of report findings?

A. Risk implications of the observations
B. Strict deadlines to close all observations
C. Statistical sampling used to derive observations
D. Recommendations that align with the business strategy

Answer

D. Recommendations that align with the business strategy

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.