Special Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free CISA Isaca Updates

Page: 33 / 105
Total 1404 questions

Certified Information Systems Auditor Questions and Answers

Question 129

When reviewing past results of a recurring annual audit, an IS auditor notes that findings may not have been reported and independence may not have been maintained. Which of the following is the auditor's BEST course of action?

Options:

A.

Inform senior management.

B.

Reevaluate internal controls.

C.

Inform audit management.

D.

Re-perform past audits to ensure independence.

Question 130

Which of the following is MOST important to ensure when developing an effective security awareness program?

Options:

A.

Training personnel are information security professionals.

B.

Outcome metrics for the program are established.

C.

Security threat scenarios are included in the program content.

D.

Phishing exercises are conducted post-training

Question 131

During an audit, the IS auditor finds that in many cases excessive rights were not removed from a system. Which of the following is the auditor's BEST recommendation?

Options:

A.

System administrators should ensure consistency of assigned rights.

B.

IT security should regularly revoke excessive system rights.

C.

Human resources (HR) should delete access rights of terminated employees.

D.

Line management should regularly review and request modification of access rights

Question 132

During a project audit, an IS auditor notes that project reporting does not accurately reflect current progress. Which of the following is the GREATEST resulting impact?

Options:

A.

The project manager will have to be replaced.

B.

The project reporting to the board of directors will be incomplete.

C.

The project steering committee cannot provide effective governance.

D.

The project will not withstand a quality assurance (QA) review.

Page: 33 / 105
Total 1404 questions