Isaca CISA Quiz 476 Topic 1 Questions 2376-2380

Question: 1

An IS auditor observed a lack of compliance with a documented control and rated the noncompliance as a high-risk finding. The auditee has challenged the rating, stating the noncompliance is low-risk. Which of the following is the auditor's BEST course of action?

AChange the risk if it does not introduce audit risk.

BEscalate the disagreement to audit management.

CKeep the high-risk rating because it reflects the audit conclusions.

DReport the high-risk finding to senior management.

Show Answer

Question: 2

What would be an IS auditor's BEST recommendation upon discovering that consumer records in a database have not been protected?

AEncrypt the data in the database.

BImplement access controls.

CEnsure database patches are installed.

DImplement security event log reviews.

Show Answer

Question: 3

An organization has recently acquired another organization. When reviewing both IS departments, the IS auditor discovers two redundant IT applications. Which of the following would be the auditor's BEST recommendation for management?

AAssess the gaps on both applications to determine further steps.

BDevelop an initiative to integrate both applications.

CKeep the most comprehensive application as approved by senior management.

DSubmit a request for proposal (RFP) to replace the applications.

Show Answer

Question: 4

A software development project has had a significant scope reduction. Which of the following is the MOST important action for the IS auditor to perform in this situation?

ADetermining if managed maturity levels have been employed

BInforming IT and management about the scope reduction

CVerifying that IT costs have been reduced

DEvaluating the effects on key controls

Show Answer

Question: 5

Which of the following is the MOST effective control In an organization to mitigate the risk of insider misuse of personal devices?

ASecurity risk assessments Period

Bvulnerability scanning

CSecurity awareness training

DComprehensive procedures on data security

Show Answer

Isaca CISA Quiz:476 Topic:1 Questions:2376-2380