Isaca CISA Quiz 85 Topic 5 Questions 421-425

Question: 1

An organization that has suffered a cyber attack is performing a forensic analysis of the affected users' computers Which of the following should be of GREATEST concern for the IS editor reviewing this process?

AAudit was only involved during extraction of the information.

BThe legal department has not been engaged.

CThe chain of custody has not been documented

DAn imaging process was used to obtain a copy of the data from each computer.

Show Answer

Question: 2

An IS auditor is conducting a post-implementation review of an enterprise resource planning (ERP) system End users indicated concerns with the accuracy of critical automatic calculations made by the system. The auditor's FIRST course of action should be to:

Areview recent changes to the system

Bverify completeness of user acceptance testing

Cverify results to determine validity of user concerns

Dreview initial business requirements

Show Answer

Question: 3

What is the PRIMARY reason to adopt a risk-based IS audit strategy?

ATo achieve synergy between audit and other risk management functions

BTo identity key threats, risks, and controls for the organization

CTo reduce the time and effort needed to perform a full audit cycle

DTo prioritize available resources and focus on areas with significant risk

Show Answer

Question: 4

Which of the following governance functions is responsible for ensuring IT projects have sufficient resources and are prioritized appropriately?

AExecutive management

BIT management

CIT steering committee

DBoard of directors

Show Answer

Question: 5

An organization is shifting to a remote workforce. In preparation, the IT department is performing stress and capacity testing of remote access infrastructure and systems. What type of control is being implemented?

ADirective

BPreventive

CCompensating

DDetective

Show Answer

Isaca CISA Quiz:85 Topic:5 Questions:421-425