Learn how to answer a CISA exam question about the GREATEST concern associated with control self-assessments (CSAs). Get expert tips and explanations.
Table of Contents
Question
Which of the following is the GREATEST concern associated with control self-assessments (CSAs)?
A. Employees may have insufficient awareness of controls.
B. The assessment may not provide sufficient assurance to stakeholders.
C. Controls may not be assessed objectively.
D. Communication between operational management and senior management may not be effective.
Answer
C. Controls may not be assessed objectively.
Explanation
Control self-assessments (CSAs) are a technique to evaluate the effectiveness of internal controls by involving the staff who perform them. The GREATEST concern associated with CSAs is the lack of objectivity, as the staff may have biases, conflicts of interest, or insufficient knowledge to assess the controls properly. Therefore, option C is correct.
Options A, B, and D are not correct because they are not the GREATEST concern associated with CSAs. Employees may have insufficient awareness of controls, but this can be mitigated by providing adequate training and guidance.
The assessment may not provide sufficient assurance to stakeholders, but this can be addressed by supplementing the CSA with independent audits or reviews. Communication between operational management and senior management may not be effective, but this can be improved by establishing clear roles and responsibilities, reporting mechanisms, and feedback channels.
Isaca Certified Information Systems Auditor CISA certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Isaca Certified Information Systems Auditor CISA exam and earn Isaca Certified Information Systems Auditor CISA certification.