The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.
CISA Question 2941
Question
Which of the following has the GREATEST influence on the success of IT governance?
A. IT strategy is embedded in all risk management processes
B. Alignment of IT strategies with the entity’s vision
C. The CIO is a member of the audit committee
D. Clear, concise, and enforced IS policies
Answer
B. Alignment of IT strategies with the entity’s vision
CISA Question 2942
Question
Which of the following would provide management with the MOST reasonable assurance that a new data warehouse will meet the needs of the organization?
A. Appointing data stewards to provide effective data governance
B. Classifying data quality issues by the severity of their impact to the organization
C. Integrating data requirements into the system development life cycle (SDLC)
D. Facilitating effective communication between management and developers
Answer
A. Appointing data stewards to provide effective data governance
CISA Question 2943
Question
An organization plans to allow third parties to collect customer personal data from a retail loyalty platform via an application programming interface (API). Which of the following should be the PRIMARY consideration when designing this API?
A. Data governance policies
B. System resilience
C. Regulatory compliance
D. Data availability
Answer
C. Regulatory compliance
CISA Question 2944
Question
An organization recently implemented an industry-recognized IT framework to improve the overall effectiveness of IT governance. Which of the following would BEST enable an IS auditor to access the implementation against the framework?
A. Capability maturity model
B. Key risk indicators (KRIs)
C. Industry benchmarking
D. Balanced scorecard
Answer
A. Capability maturity model
CISA Question 2945
Question
Which of the following observations should be of GREATEST concern to an IS auditor performing a review of an organization’s IT governance structure?
A. The chief risk officer is also the chief information officer.
B. The chief information officer is prohibited from making capital decisions regarding IT.
C. The IT steering committee has oversight of the IT budget.
D. There are no IT subject matter expects on the board of directors.
Answer
A. The chief risk officer is also the chief information officer.
CISA Question 2946
Question
Which of the following is the GREATEST advantage of using a framework to guide an organization’s governance of IT?
A. It enables consistency when making strategic IT investments across the organization.
B. It enables better management of the annual IT budget provided by the board of directors.
C. It enables improvements to the security of high-risk systems in the organization.
D. It enables the achievement of service levels between IT and true business departments.
Answer
A. It enables consistency when making strategic IT investments across the organization.
CISA Question 2947
Question
When preparing to evaluate the effectiveness of an organization’s IT strategy, an IS auditor should FIRST review:
A. information security procedures.
B. the IT governance framework.
C. the most recent audit results.
D. IT processes and procedures.
Answer
B. the IT governance framework.
CISA Question 2948
Question
The BEST method an organization can employ to align its business continuity plan (BCP) and disaster recovery plan (DRP) with core business needs is to:
A. execute periodic walk-throughs of the plans.
B. update the business impact analysis (BIA) for significant business changes.
C. outsource the maintenance of the BCP and DRP to a third party.
D. include BCP and DRP responsibilities as a part of new employee training.
Answer
B. update the business impact analysis (BIA) for significant business changes.
CISA Question 2949
Question
While reviewing an organization’s business continuity plan (BCP), an IS auditor observes that a recently developed application is not included. The IS auditor should:
A. ensure that the criticality of the application is determined.
B. ignore the observation as the application is not mission critical.
C. include in the audit findings that the BCP is incomplete.
D. recommend that the application be incorporated in the BCP.
Answer
A. ensure that the criticality of the application is determined.
CISA Question 2950
Question
When reviewing business continuity plan (BCP) test results, it is MOST important for the IS auditor to determine whether the test:
A. verifies the ability to resume key business operations.
B. considers changes to the systems environment.
C. assesses the capability to retrieve vital
records.
D. follows up on activities that occurred since the previous test.
Answer
A. verifies the ability to resume key business operations.