Which of the following would be of GREATEST concern?

CISA V2 0 Comments

An IS auditor is evaluating an organization’s IT strategy and plans.

Which of the following would be of GREATEST concern?
A . There is not a defined IT security policy.
B . The business strategy meeting minutes are not distributed.
C . IT is not engaged in business strategic planning.
D . There is inadequate documentation of IT strategic planning.

Answer: C

Explanation:

The greatest concern for an IS auditor when evaluating an organization’s IT strategy and plans is that IT is not engaged in business strategic planning, as this indicates a lack of alignment between IT and business objectives, which could result in inefficient and ineffective use of IT resources and capabilities. The absence of a defined IT security policy, the nondistribution of business strategy meeting minutes, and the inadequate documentation of IT strategic planning are also issues that should be addressed by an IS auditor, but they are not as significant as IT’s noninvolvement in business strategic planning.

References: CISA Review Manual (Digital Version), Chapter 3, Section 3.1

Latest CISA Dumps Valid Version with 2694 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CISA PDF     CISA Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments