Isaca CISA Quiz 479 Topic 4 Questions 2391-2395

Question: 1

An organization is including a client side software component of a Software as a Service (SaaS) solution as part of its standard PC age To protect the organization against copyright infringement, what is MOST important for the IS auditor to ensure?

AOpen source alter natives are prohibited

BContract clauses are reviewed

CLicense usage is assessed

DThe latest version of software is available.

Show Answer

Question: 2

Which of the following should be the FIRST step when developing a business continuity plan (BCP)?

ADiscuss recovery time and recovery process objectives with the business owner

BConduct a risk assessment

CChoose appropriate controls and measures for recovering IT components.

DDevelop a business continuity strategy

Show Answer

Question: 3

Which of the following would be MOST important for an IS auditor to review when identifying Key IT risk areas to include in an IS audit scope?

AIt risk management processes

BExternal audit reports

CControl self-assessments (CSAs)

DThe IT risk register

Show Answer

Question: 4

Which of the following is MOST reliable for identifying high-risk areas with large transactional volumes to be included in an audit plan.

ASample-based testing

BData analytics

CRecent security incidents

DThreat landscape

Show Answer

Question: 5

An IS auditor observes that an organization allows the use of freeware or open source software but does not have controls in place to verify software is being managed appropriately Which of the following is the auditor's BEST approach?

ADiscuss the associated risk with management.

BTest for compliance with terms of use

CExclude the software from the audit report since it is free to use

DComplete an inventory of free or open source software

Show Answer

Isaca CISA Quiz:479 Topic:4 Questions:2391-2395