Isaca CISA Exam Practice Test Instant Access

Question 1

During an audit of identity and access management, an IS auditory finds that the engagement audit plan does not include the testing of controls that regulate access by third parties. Which of the following would be the auditor's BEST course of action?

APlan to test these controls in another audit

BEscalate the deficiency to audit management.

CAdd testing of third-party access controls to the scope of the audit.

DDetermine whether the risk has been identified in the planning documents

Answer : C

Question 2

Which of the following approaches provides the BEST assurance and user confidence when an organization migrates data to a more complex enterprise resource planning (ERP) system?

APilot testing

BUser acceptance testing

CPhased changeover

DParallel processing

Answer : D

Question 3

When reviewing an organization's information security policies, an IS auditor should verify that the policies have been defined PRIMARILY on the basis of

Aan information security framework

Bindustry best practices

Cpast information security incidents

Da risk management process

Answer : A

Question 4

Invoking a business continuity plan (BCP) is demonstrating which type of control?

APreventive

BDetective

CCorrective

DDirective

Answer : C

Question 5

The risk of communication failure in an e-commerce environment is BEST minimized through the use of

Aa packet filtering firewall to reroute messages.

Balternative or diverse routing

Cfunctional or message acknowledgments

Dcompression software to minimize transmission duration.

Answer : B

Please Wait...

Isaca Certified Information Systems Auditor Exam Practice Test

Question 1

Question 2

Question 3

Question 4

Question 5

Please Wait...

Popular Vendors

Isaca Certified Information Systems Auditor Exam Practice Test

Question 1

Question 2

Question 3

Question 4

Question 5