CISA exam

Which of the following is MOST important with regard to an application development acceptance test?A . The programming team is involved in the testing process. B. All data files are tested for valid information before conversion. C. User management approves the test design before the test is started. D. The...

Which of the following is the MOST effective control to mitigate unintentional misuse of authorized access?A . Annual sign-off of acceptable use policy B. Regular monitoring of user access logs C. Security awareness training D. Formalized disciplinary actionView AnswerAnswer: C

When determining whether a project in the design phase will meet organizational objectives, what is BEST to compare against the business case?A . Implementation plan B. Project budget provisions C. Requirements analysis D. Project planView AnswerAnswer: C

Which of the following will be the MOST effective method to verify that a service vendor keeps control levels as required by the client?A . Conduct periodic on-site assessments using agreed-upon criteria. B. Periodically review the service level agreement (SLA) with the vendor. C. Conduct an unannounced vulnerability assessment of...

Which of the following is the PRIMARY advantage of parallel processing for a new system implementation?A . Assurance that the new system meets functional requirements B. More time for users to complete training for the new system C. Significant cost savings over other system implemental or approaches D. Assurance that...

An IS auditor is conducting a post-implementation review of an enterprise resource planning (ERP) system. End users indicated concerns with the accuracy of critical automatic calculations made by the system. The auditor's FIRST course of action should be to:A . review recent changes to the system. B. verify completeness of...

Which of the following is the MOST important prerequisite for the protection of physical information assets in a data center?A . Segregation of duties between staff ordering and staff receiving information assets B. Complete and accurate list of information assets that have been deployed C. Availability and testing of onsite...

Management is concerned about sensitive information being intentionally or unintentionally emailed as attachments outside the organization by employees. What is the MOST important task before implementing any associated email controls?A . Require all employees to sign nondisclosure agreements (NDAs). B. Develop an acceptable use policy for end-user computing (EUC). C....

An online retailer is receiving customer complaints about receiving different items from what they ordered on the organization's website. The root cause has been traced to poor data quality. Despite efforts to clean erroneous data from the system, multiple data quality issues continue to occur. Which of the following recommendations...

Which of the following should be the MOST important consideration when conducting a review of IT portfolio management?A . Assignment of responsibility for each project to an IT team member B. Adherence to best practice and industry approved methodologies C. Controls to minimize risk and maximize value for the IT...