During an audit of a reciprocal disaster recovery agreement between two companies, the IS auditor would be MOST concerned with the:
A. allocation of resources during an emergency.
B. frequency of system testing.
C. differences in IS policies and procedures.
D. maintenance of hardware and software compatibility.
Which of the following is MOST important for an IS auditor to review when evaluating the accuracy of a spreadsheet that contains several macros?
A. Encryption of the spreadsheet
B. Version history
C. Formulas within macros
D. Reconciliation of key calculations
In a small IT web development company where developers must have write access to production, the BEST recommendation of an IS auditor would be to:
A. hire another person to perform migration to production.
B. implement continuous monitoring controls.
C. remove production access from the developers.
D. perform a user access review for the development team
Which of the following would be to MOST concern when determine if information assets are adequately safequately safeguarded during transport and disposal?
A. Lack of appropriate labelling
B. Lack of recent awareness training.
C. Lack of password protection
D. Lack of appropriate data classification
An IS auditor is reviewing an organization's information asset management process. Which of the following would be of GREATEST concern to the auditor?
A. The process does not require specifying the physical locations of assets.
B. Process ownership has not been established.
C. The process does not include asset review.
D. Identification of asset value is not included in the process.
Which of the following data would be used when performing a business impact analysis (BIA)?
A. Projected impact of current business on future business
B. Cost-benefit analysis of running the current business
C. Cost of regulatory compliance
D. Expected costs for recovering the business
A system development project is experiencing delays due to ongoing staff shortages. Which of the following strategies would provide the GREATEST assurance of system quality at implementation?
A. Implement overtime pay and bonuses for all development staff.
B. Utilize new system development tools to improve productivity.
C. Recruit IS staff to expedite system development.
D. Deliver only the core functionality on the initial target date.
An IT balanced scorecard is the MOST effective means of monitoring:
A. governance of enterprise IT.
B. control effectiveness.
C. return on investment (ROI).
D. change management effectiveness.
Which of the following would be an IS auditor's GREATEST concern when reviewing the early stages of a software development project?
A. The lack of technical documentation to support the program code
B. The lack of completion of all requirements at the end of each sprint
C. The lack of acceptance criteria behind user requirements.
D. The lack of a detailed unit and system test plan
Which of the following is the BEST way to address segregation of duties issues in an organization with budget constraints?
A. Rotate job duties periodically.
B. Perform an independent audit.
C. Hire temporary staff.
D. Implement compensating controls.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Isaca exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CISA exam preparations and Isaca certification application, do not hesitate to visit our Vcedump.com to find your solutions here.