Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 29

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 3041

Question

Which of the following would be MOST important to update once a decision has been made to outsource a critical application to a cloud service provider?

A. Project portfolio
B. IT resource plan
C. IT budget
D. Business impact analysis (BIA)

Answer

D. Business impact analysis (BIA)

CISA Question 3042

Question

Which of the following is the PRIMARY risk when business units procure IT assets without IT involvement?

A. Corporate procurement standards are not followed.
B. The business units want IT to be responsible for maintenance costs.
C. Data security requirements are not considered.
D. System inventory becomes inaccurate.

Answer

A. Corporate procurement standards are not followed.

CISA Question 3043

Question

The performance, risks, and capabilities of an IT infrastructure are BEST measured using a:

A. balanced scorecard.
B. risk management review.
C. service level agreement (SLA).
D. control self-assessment (CSA).

Answer

A. balanced scorecard.

CISA Question 3044

Question

When developing metrics to measure the contribution of IT to the achievement of business goals, the MOST important consideration is that the metrics:

A. measure the effectiveness of IT controls in the achievement of IT strategy.
B. provide quantitative measurement of IT initiatives in relation with business targets.
C. are expressed in terms of how IT risk impacts the achievement of business goals.
D. are used by similar industries to measure the effect of IT on business strategy.

Answer

B. provide quantitative measurement of IT initiatives in relation with business targets.

CISA Question 3045

Question

An operations manager has recently moved to internal audit. Which of the following would be of GREATEST concern when assigning audit projects to this individual?

A. A control within the audit scope was implemented by the operations manager six months ago.
B. A control within the audit scope was downgraded to low risk by the operations manager six months ago.
C. The owner of a process within the audit scope worked for the operations manager six month ago.
D. A system within the audit scope is supported by an emerging technology for which the operations manager lacks experience.

Answer

A. A control within the audit scope was implemented by the operations manager six months ago.

CISA Question 3046

Question

Which of the following is the MOST effective control to reduce the risk of information leakage through social media?

A. Use of keystroke loggers
B. Periodic review of the data classification policy
C. Limited access to social media sites in the workplace
D. Security awareness training

Answer

D. Security awareness training

CISA Question 3047

Question

Which of the following should be the PRIMARY basis for planning and prioritizing IT infrastructure security audits?

A. Asset value to the organization
B. Management requests
C. The organization’s risk appetite
D. Security best practice

Answer

A. Asset value to the organization

CISA Question 3048

Question

To enable the alignment of IT staff development plans with IT strategy, which of the following should be done FIRST?

A. Include strategic objectives in IT staff performance objectives.
B. Review IT staff job descriptions for alignment.
C. Identify required IT skill sets that support key business processes.
D. Develop quarterly training for each IT staff member.

Answer

A. Include strategic objectives in IT staff performance objectives.

CISA Question 3049

Question

Reports to the executive level concerning IT performance should focus on:

A. third-party compliance with organizational practices.
B. IT performance in relation to operational improvements.
C. IT deliverables against organizational strategies.
D. capacity planning effectiveness within the organization.

Answer

C. IT deliverables against organizational strategies.

CISA Question 3050

Question

The PRIMARY purpose of a precedence diagramming method in managing IT projects is to:

A. monitor project scope creep.
B. identify the critical path.
C. identify key milestones.
D. minimize delays and overruns.

Answer

B. identify the critical path.

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.