2. Download valid CISA Practice Exam From PassQuestion
1.Which of the following would be to MOST concern when determine if
information assets are adequately safequately safeguarded during transport and
disposal?
A. Lack of appropriate labelling
B. Lack of recent awareness training.
C. Lack of password protection
D. Lack of appropriate data classification
Answer: D
3. Download valid CISA Practice Exam From PassQuestion
2.When reviewing an organization's information security policies, an IS auditor should verify
that the policies have been defined PRIMARILY on the basis of:
A. a risk management process.
B. an information security framework.
C. past information security incidents.
D. industry best practices.
Answer: B
4. Download valid CISA Practice Exam From PassQuestion
3. During an ongoing audit, management requests a briefing on the findings to date.
Which of the following is the IS auditor's BEST course of action?
A. Review working papers with the auditee.
B. Request the auditee provide management responses.
C. Request management wait until a final report is ready for discussion.
D. Present observations for discussion only.
Answer: D
5. Download valid CISA Practice Exam From PassQuestion
4.Which of the following is the BEST recommendation to prevent fraudulent electronic funds
transfers by accounts payable employees?
A. Periodic vendor reviews
B. Dual control
C. Independent reconciliation
D. Re-keying of monetary amounts
E. Engage an external security incident response expert for incident handling.
Answer: B
6. Download valid CISA Practice Exam From PassQuestion
5.The implementation of an IT governance framework requires that the b
oard of directors of an organization:
A. Address technical IT issues.
B. Be informed of all IT initiatives.
C. Have an IT strategy committee.
D. Approve the IT strategy.
Answer: D
7. Download valid CISA Practice Exam From PassQuestion
6. An organization's enterprise architecture (EA) department decides to change a legacy system's
components while maintaining its original functionality.
Which of the following is MOST important for an IS auditor to understand when reviewing this
decision?
A. The current business capabilities delivered by the legacy system
B. The proposed network topology to be used by the redesigned system
C. The data flows between the components to be used by the redesigned system
D. The database entity relationships within the legacy system
Answer: A
8. Download valid CISA Practice Exam From PassQuestion
7.IS management has recently disabled certain referential integrity controls in the
database
management system (DBMS) software to provide users increased query
performance.
Which of the following controls will MOST effectively compensate for the lack of
referential integrity?
A. More frequent data backups
B. Periodic table link checks
C. Concurrent access controls
D. Performance monitoring tools
Answer: B
9. Download valid CISA Practice Exam From PassQuestion
8. Which of the following is MOST useful for determining whether the
goals of IT are aligned with the organization's goals?
A. Balanced scorecard
B. Enterprise dashboard
C. Enterprise architecture (EA)
D. Key performance indicators (KPIs)
Answer: B
10. Download valid CISA Practice Exam From PassQuestion
9. During the design phase of a software development project, the PRIMARY
responsibility of an IS auditor is to evaluate the:
A. Future compatibility of the application.
B. Proposed functionality of the application.
C. Controls incorporated into the system specifications.
D. Development methodology employed.
Answer: C
11. Download valid CISA Practice Exam From PassQuestion
10. Which of the following would BEST demonstrate that an effective disaster recovery plan
(DRP) is in place?
A. Frequent testing of backups
B. Annual walk-through testing
C. Periodic risk assessment
D. Full operational test
Answer: D