In the development of a new financial application, the IS auditor's FIRST involvement should be in the:
Which of the following technologies has the SMALLEST maximum range for data transmission between devices?
A firewall between internal network segments improves security and reduces risk by:
Which of the following should be an IS auditor's GREATEST concern when a data owner assigns an incorrect classification level to data?
During a project assessment, an IS auditor finds that business owners have been removed from the project initiation phase. Which of the following should be the auditor's GREATEST concern with this situation?
During a routine internal software licensing review, an IS auditor discovers instances where employees shared license keys to critical pieces of business software. Which of the following would be the auditor's BEST course of action?
Which of the following risk scenarios is BEST addressed by implementing policies and procedures related to full disk encryption?
As part of business continuity planning, which of the following is MOST important to assess when conducting a business impact analysis (BIA)?
Which of the following is the PRIMARY reason to perform a risk assessment?
Which of the following is the MOST important responsibility of user departments associated with program changes?
Which of the following areas is MOST important for an IS auditor to focus on when reviewing the maturity model for a technology organization?
Which of the following is the BEST control to minimize the risk of unauthorized access to lost company-owned mobile devices?
An organization is concerned with meeting new regulations for protecting data confidentiality and asks an IS auditor to evaluate their procedures for transporting data. Which of the following would BEST support the organization's objectives?
Which of the following is MOST important for an IS auditor to validate when auditing network device management?
An IS auditor is evaluating the progress of a web-based customer service application development project. Which of the following would be MOST helpful for this evaluation?
Which of the following is a PRIMARY responsibility of an IT steering committee?
When is it MOST important for an IS auditor to apply the concept of materiality in an audit?
An IS auditor is asked to review an organization's technology relationships, interfaces, and data. Which of the following enterprise architecture (EA) areas is MOST appropriate for this review?
Which of the following is MOST important to determine when conducting an audit of an organization's data privacy practices?
An IS department is evaluated monthly on its cost-revenue ratio, user satisfaction rate, and computer downtime. This is BEST characterized as an application of:
An organization has replaced all of the storage devices at its primary data center with new higher-capacity units. The replaced devices have been installed at the disaster recovery site to replace older units. An IS auditor's PRIMARY concern would be whether:
An IS auditor is preparing a plan for audits to be carried out over a specified period. Which of the following activities should the IS auditor perform FIRST?
Transaction records from a business database were inadvertently deleted, and system operators decided to restore from a snapshot copy. Which of the following provides the BEST assurance that the transactions were recovered successfully?
Which of the following is the BEST way to detect unauthorized copies of licensed software on systems?
Which of the following is the BEST source of information for examining the classification of new data?
Which of the following is the PRIMARY purpose of obtaining a baseline image during an operating system audit?
Which of the following should be of GREATEST concern to an IS auditor reviewing data conversion and migration during the implementation of a new application system?
An IS auditor engaged in developing the annual internal audit plan learns that the chief information officer (CIO) has requested there be no IS audits in the upcoming year as more time is needed to address a large number of recommendations from the previous year. Which of the following should the auditor do FIRST?
Following a breach, what is the BEST source to determine the maximum amount of time before customers must be notified that their personal information may have been compromised?
Which of the following is the BEST methodology to use for estimating the complexity of developing a large business application?
Which of the following is the BEST indication of effective IT investment management?
Due to advancements in technology and electronic records, an IS auditor has completed an engagement by email only. Which of the following did the IS auditor potentially compromise?
Which of the following is the BEST way to help ensure new IT implementations align with enterprise architecture (EA) principles and requirements?
Which of the following observations should be of GREATEST concern to an IS auditor performing an audit of change and release management controls for a new complex system developed by a small in-house IT team?
An IS auditor should look for which of the following to ensure the risk associated with scope creep has been mitigated during software development?
Which of the following is MOST critical to the success of an information security program?
An IS auditor is reviewing enterprise governance and finds there is no defined organizational structure for technology risk governance. Which of the following is the GREATEST concern with this lack of structure?
Which of the following is BEST used for detailed testing of a business application's data and configuration files?
A transaction processing system interfaces with the general ledger. Data analytics has identified that some transactions are being recorded twice in the general ledger. While management states a system fix has been implemented, what should the IS auditor recommend to validate the interface is working in the future?
Aligning IT strategy with business strategy PRIMARILY helps an organization to:
The PRIMARY purpose of an incident response plan is to:
Which of the following is the BEST indication of effective governance over IT infrastructure?
To reduce operational costs, IT management plans to reduce the number of servers currently used to run business applications. Which of the following is MOST helpful to review when identifying which servers are no longer required?
An IS audit manager is reviewing workpapers for a recently completed audit of the corporate disaster recovery test. Which of the following should the IS audit manager specifically review to substantiate the conclusions?
Which of the following findings from a database security audit presents the GREATEST risk of critical security exposures?
When reviewing an IT strategic plan, the GREATEST concern would be that:
An IS auditor has learned that access privileges are not periodically reviewed or updated. Which of the following would provide the BEST evidence to determine whether transactions have been executed by authorized employees?
Stress testing should ideally be carried out under a:
Which of the following is the BEST way to ensure an organization's data classification policies are preserved during the process of data transformation?