CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISA—Certified Information Systems Auditor - Part 361
1. Which of the following should be the GREATEST concern to an IS auditor reviewing the information security framework of an organization?
A) The information security policy has not been updated in the last two years.
B) A list of critical information assets was not included in the information security policy.
C) Senior management was not involved in the development of the information security policy.
D) The information security policy is not aligned with regulatory requirements.
2. The business case for an IS project has changed during the course of the project due to new requirements being added. What should be done NEXT?
A) The project should go through the formal reapproval process.
B) The changes to the business case should be documented in the project plan.
C) Additional resources should be allocated to the project due to the new requirements.
D) Project stakeholders should be notified of the changes.
3. An organization has implemented a control to help ensure databases containing personal information will not be updated with online transactions that are incomplete due to connectivity issues. Which of the following information attributes is PRIMARILY addresses by this control?
A) Integrity
B) Confidentiality
C) Availability
D) Compliance
4. When planning an audit, it is acceptable for an IS auditor to rely on a third-party provider's external audit report on service level management when the:
A) report was released within the last 12 months.
B) scope and methodology meet audit requirements.
C) service provider is independently certified and accredited.
D) report confirms that service levels were not violated.
5. When auditing a software development project, a review of which of the following will BEST verify that project work is adequately subdivided?
A) Work breakdown structure
B) Statement of work
C) Scope statement
D) Functional and technical design documents
A) The information security policy has not been updated in the last two years.
B) A list of critical information assets was not included in the information security policy.
C) Senior management was not involved in the development of the information security policy.
D) The information security policy is not aligned with regulatory requirements.
2. The business case for an IS project has changed during the course of the project due to new requirements being added. What should be done NEXT?
A) The project should go through the formal reapproval process.
B) The changes to the business case should be documented in the project plan.
C) Additional resources should be allocated to the project due to the new requirements.
D) Project stakeholders should be notified of the changes.
3. An organization has implemented a control to help ensure databases containing personal information will not be updated with online transactions that are incomplete due to connectivity issues. Which of the following information attributes is PRIMARILY addresses by this control?
A) Integrity
B) Confidentiality
C) Availability
D) Compliance
4. When planning an audit, it is acceptable for an IS auditor to rely on a third-party provider's external audit report on service level management when the:
A) report was released within the last 12 months.
B) scope and methodology meet audit requirements.
C) service provider is independently certified and accredited.
D) report confirms that service levels were not violated.
5. When auditing a software development project, a review of which of the following will BEST verify that project work is adequately subdivided?
A) Work breakdown structure
B) Statement of work
C) Scope statement
D) Functional and technical design documents
1. Right Answer: B
Explanation:
2. Right Answer: D
Explanation:
3. Right Answer: A
Explanation:
4. Right Answer: A
Explanation:
5. Right Answer: A
Explanation:
Explanation:
2. Right Answer: D
Explanation:
3. Right Answer: A
Explanation:
4. Right Answer: A
Explanation:
5. Right Answer: A
Explanation:
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment