
ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 34

The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 3521

Question

An IS audit manager has been asked to perform a quality review on an audit that the same manager also supervised. Which of the following is the manager’s BEST response to this situation?

A. Notify the audit committee of the situation.
B. Escalate the situation to senior audit leadership.
C. Determine whether audit evidence supports audit conclusions.
D. Discuss with the audit team to understand how conclusions were reached.

Answer

A. Notify the audit committee of the situation.

CISA Question 3522

Question

The PRIMARY reason for an IS auditor to use data analytics techniques is to reduce which type of audit risk?

A. Technology risk
B. Inherent risk
C. Detection risk
D. Control risk

Answer

C. Detection risk

CISA Question 3523

Question

When auditing a quality assurance plan, an IS auditor should be MOST concerned if the:

A. quality assurance function is separate from the programming function.
B. SDLC is coupled with the quality assurance plan.
C. quality assurance function is periodically reviewed by internal audit.
D. scope of quality assurance activities is undefined.

Answer

D. scope of quality assurance activities is undefined.

CISA Question 3524

Question

Which of the following is the BEST control to detect errors in an accounts payable system?

A. Alignment of the process to business objectives
B. Quality control review of new payments
C. Management approval of payments
D. Input validation

Answer

D. Input validation

CISA Question 3525

Question

An internal audit department recently established a quality assurance (QA) program. Which of the following activities is MOST important to include as part of the QA program requirements?

A. Ongoing monitoring of the audit activities
B. Analysis of user satisfaction reports from business lines
C. Feedback from internal audit staff
D. Long-term internal audit resource planning

Answer

A. Ongoing monitoring of the audit activities

CISA Question 3526

Question

Which of the following observations would an IS auditor consider the GREATEST risk when conducting an audit of a virtual server farm for potential software vulnerabilities?

A. The hypervisor is updated quarterly.
B. Guest operating systems are updated monthly.
C. Antivirus software has been implemented on the guest operating system only.
D. A variety of guest operating systems operate on one virtual server.

Answer

C. Antivirus software has been implemented on the guest operating system only.

CISA Question 3527

Question

Which of the following is MOST important for an IS auditor to review when evaluating the effectiveness of an organization’s incident response process?

A. Past incident response actions
B. Incident response staff experience and qualifications
C. Results from management testing of incident response procedures
D. Incident response roles and responsibilities

Answer

C. Results from management testing of incident response procedures

CISA Question 3528

Question

Which of the following is the BEST IS audit strategy?

A. Perform audits based on impact and probability of error and failure.
B. Cycle general control and application audits over a two-year period.
C. Conduct general control audits annually and application audits in alternating years.
D. Limit audits to new application system developments.

Answer

A. Perform audits based on impact and probability of error and failure.

CISA Question 3529

Question

While planning a security audit, an IS auditor is made aware of a security review carried out by external consultants. It is MOST important for the auditor to:

A. re-perform the security review.
B. accept the findings and conclusions of the consultants.
C. review similar reports issued by the consultants.
D. assess the objectivity and competence of the consultants.

Answer

D. assess the objectivity and competence of the consultants.

CISA Question 3530

Question

Which of the following is MOST important for an IS auditor to ensure is included in a global organization’s online data privacy notification to customers?

A. Consequences to the organization for mishandling the data
B. Consent terms including the purpose of data collection
C. Contact information for reporting violations of consent
D. Industry standards for data breach notification

Answer

B. Consent terms including the purpose of data collection

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two children. You can reach him at [email protected] or follow him on Website | Twitter | Facebook
