Isaca CISA Quiz 80 Topic 2 Questions 396-400

Question: 1

A PRIMARY benefit derived by an organization employing control self-assessment (CSA) techniques is that CSA

Aallows IS auditors to independently assess risk

Ballows management to relinquish responsibility for control.

Ccan be used as a replacement for traditional audits.

Dcan identify high-risk areas for detailed review

Show Answer

Question: 2

An organization implemented a cybersecurity policy last year. Which of the following is the GREATEST indicator that the policy may need to be revised?

AA significant increase in external attack attempts.

BA significant increase in authorized connections to third parties.

CA significant increase in cybersecurity audit findings.

DA significant increase in approved exceptions.

Show Answer

Question: 3

An evaluation of an IT department finds that some IT goals do not align with the organization's goals. Which of the following would be the GREATEST impact?

AIT goals may not be valued across the organization

BIT may not meet thresholds on the balanced scorecard

CIT resources may not be effectively managed

DIT may prioritize projects with little perceived value outside the department

Show Answer

Question: 4

A system development project is experiencing delays due to ongoing staff shortages Which of the following strategies would provide the GREATEST assurance of system quality at implementation?

ARecruit IS staff to expedite system development

BDeliver only the core functionality on the initial target date

CImplement overtime pay and bonuses for all development staff

DUtilize new system development tools to improve productivity

Show Answer

Question: 5

Which of the following should be the FIRST step when planning an IS audit of a third-party service provider that monitors network activities?

AEvaluate the organization's third-party monitoring process.

BDetermine if the organization has a secure connection to the provider.

CReview the roles and responsibilities of the third-party provider.

DReview the third party's monitoring logs and incident handling.

Show Answer

Isaca CISA Quiz:80 Topic:2 Questions:396-400