Isaca CISA Quiz 30 Topic 6 Questions 146-150

Question: 1

An IS auditor reviewing a project to acquire an IT-based solution learns the risk associated with project failure has been assessed as high. What is the auditor's BEST course of action?

AReassess project costs to ensure they are within the organization's risk tolerance.

BReview the risk monitoring process during project execution.

CReview benefits realization against the business case.

DInform management about potential losses due to project failure.

Show Answer

Question: 2

Which of the following reports would provide the GREATEST assurance to an IS auditor about the controls of a third party that processes critical data for the organization?

AIndependent control assessment

BBlack box penetration test report

CVulnerability scan report

DThe third party's control self-assessment (CSA)

Show Answer

Question: 3

An organization is considering allowing users to conned personal devices to the corporate network. Which of the following should be done FIRST?

AConfigure users on the mobile device management (MDM) solution.

BConduct security awareness training.

CImplement an acceptable use policy.

DCreate inventory records of personal devices.

Show Answer

Question: 4

Which of the following is the GREATEST risk associated with the lack of an effective data privacy program?

AInability to obtain customer confidence

BInability to manage access to private or sensitive data

CFailure to comply with data-related regulations

DFailure to prevent fraudulent transactions

Show Answer

Question: 5

Which of the following is MOST likely to ensure that an organization's systems development meets its business objectives?

AA focus on strategic projects

BBusiness owner involvement

CA project plan with clearly identified requirements

DSegregation of systems development and testing

Show Answer

Isaca CISA Quiz:30 Topic:6 Questions:146-150