Isaca CISA Quiz 79 Topic 8 Questions 391-395

Question: 1

Which of the following is the MOST important consideration for an organization when strategizing to comply with privacy regulations?

AEnsuring regular access recertification to information systems

BEnsuring up-to-date knowledge of where customer personal data is saved

CEnsuring contracts with third parties that process customer data are regularly updated

DEnsuring there are staff members with in-depth knowledge of the regulations.

Show Answer

Question: 2

An organization is developing data classification standards and has asked internal audit for advice on aligning the standards with best practices. Internal audit would MOST likely recommend the standards should be:

Abased on the results of an organization-wide risk assessment

Bbased on the business requirements for confidentiality of the information.

Caligned with the organization's segregation of duties requirements

Dbased on the business requirements for authentication of the information.

Show Answer

Question: 3

Which of the following is the BEST indicator for measuring performance of the IT help desk function?

ANumber of reopened tickets

BPercentage of problems raised from incidents

CNumber of incidents reported

DMean time to categorize tickets

Show Answer

Question: 4

An IS auditor is reviewing a sample of production incidents and notes that a root cause analysis is not being performed. Which of the following is the GREATEST risk associated with this finding?

AFuture incidents may not be resolved in a timely manner.

BService level agreements (SLAs) may not be met.

CFuture incidents may be prioritized inappropriately.

DThe same incident may occur in the future.

Show Answer

Question: 5

Which of the following should be of GREATEST concern to an IS auditor reviewing an organization's IT process performance reports over the last quarter?

AMetrics are not aligned with industry benchmarks.

BKey performance indicators (KPIs) were met in only one month.

CMetrics were defined without stakeholder review.

DPerformance reporting includes too many technical terms.

Show Answer

Isaca CISA Quiz:79 Topic:8 Questions:391-395