The latest ISACA CISA (Certified Information Systems Auditor) practice exam question-and-answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 3041
Question
Which of the following would be MOST important to update once a decision has been made to outsource a critical application to a cloud service provider?
A. Project portfolio
B. IT resource plan
C. IT budget
D. Business impact analysis (BIA)
Answer
D. Business impact analysis (BIA)
CISA Question 3042
Question
Which of the following is the PRIMARY risk when business units procure IT assets without IT involvement?
A. Corporate procurement standards are not followed.
B. The business units want IT to be responsible for maintenance costs.
C. Data security requirements are not considered.
D. System inventory becomes inaccurate.
Answer
A. Corporate procurement standards are not followed.
CISA Question 3043
Question
The performance, risks, and capabilities of an IT infrastructure are BEST measured using a:
A. balanced scorecard.
B. risk management review.
C. service level agreement (SLA).
D. control self-assessment (CSA).
Answer
A. balanced scorecard.
CISA Question 3044
Question
When developing metrics to measure the contribution of IT to the achievement of business goals, the MOST important consideration is that the metrics:
A. measure the effectiveness of IT controls in the achievement of IT strategy.
B. provide quantitative measurement of IT initiatives in relation with business targets.
C. are expressed in terms of how IT risk impacts the achievement of business goals.
D. are used by similar industries to measure the effect of IT on business strategy.
Answer
B. provide quantitative measurement of IT initiatives in relation with business targets.
CISA Question 3045
Question
An operations manager has recently moved to internal audit. Which of the following would be of GREATEST concern when assigning audit projects to this individual?
A. A control within the audit scope was implemented by the operations manager six months ago.
B. A control within the audit scope was downgraded to low risk by the operations manager six months ago.
C. The owner of a process within the audit scope worked for the operations manager six months ago.
D. A system within the audit scope is supported by an emerging technology for which the operations manager lacks experience.
Answer
A. A control within the audit scope was implemented by the operations manager six months ago.
CISA Question 3046
Question
Which of the following is the MOST effective control to reduce the risk of information leakage through social media?
A. Use of keystroke loggers
B. Periodic review of the data classification policy
C. Limited access to social media sites in the workplace
D. Security awareness training
Answer
D. Security awareness training
CISA Question 3047
Question
Which of the following should be the PRIMARY basis for planning and prioritizing IT infrastructure security audits?
A. Asset value to the organization
B. Management requests
C. The organization’s risk appetite
D. Security best practice
Answer
A. Asset value to the organization
CISA Question 3048
Question
To enable the alignment of IT staff development plans with IT strategy, which of the following should be done FIRST?
A. Include strategic objectives in IT staff performance objectives.
B. Review IT staff job descriptions for alignment.
C. Identify required IT skill sets that support key business processes.
D. Develop quarterly training for each IT staff member.
Answer
A. Include strategic objectives in IT staff performance objectives.
CISA Question 3049
Question
Reports to the executive level concerning IT performance should focus on:
A. third-party compliance with organizational practices.
B. IT performance in relation to operational improvements.
C. IT deliverables against organizational strategies.
D. capacity planning effectiveness within the organization.
Answer
C. IT deliverables against organizational strategies.
CISA Question 3050
Question
The PRIMARY purpose of a precedence diagramming method in managing IT projects is to:
A. monitor project scope creep.
B. identify the critical path.
C. identify key milestones.
D. minimize delays and overruns.
Answer
B. identify the critical path.