Isaca CISA Quiz 293 Topic 3 Questions 1461-1465

Question: 1

.Who is responsible for implementing cost-effective controls in an automated system?

ASecurity policy administrators

BBusiness unit management

CSenior management

DBoard of directors

Show Answer

Question: 2

.Why does an IS auditor review an organization chart?

ATo optimize the responsibilities and authority of individuals

BTo control the responsibilities and authority of individuals

CTo better understand the responsibilities and authority of individuals

DTo identify project sponsors

Show Answer

Question: 3

.Ensuring that security and control policies support business and IT objectives is a primary objective of:

AAn IT security policies audit

BA processing audit

CA software audit

DA vulnerability assessment

Show Answer

Question: 4

.When auditing third-party service providers, an IS auditor should be concerned with which of the following? Choose the BEST answer.

AOwnership of the programs and files

BA statement of due care and confidentiality, and the capability for continued service of the service provider in the event of a disaster

CA statement of due care

DOwnership of programs and files, a statement of due care and confidentiality, and the capability for continued service of the service provider in the event of a disaster

Show Answer

Question: 5

.When performing an IS strategy audit, an IS auditor should review both short-term (one-year) and long-term (three-to five-year) IS strategies, interview appropriate corporate management personnel, and ensure that the external environment has been considered. The auditor should especially focus on procedures in an audit of IS strategy. True or false?

ATrue

BFalse

Show Answer

Isaca CISA Quiz:293 Topic:3 Questions:1461-1465