Isaca CISA Exam Practice Test Instant Access

Question 1

Which of the following is MOST important for an IS auditor to do during an exit meeting with an auditee?

AEnsure that the facts presented in the report are correct.

BSpecify implementation dates for the recommendations.

CRequest input in determining corrective action.

DCommunicate the recommendations to senior management

Answer : D

Question 2

Which of the following access rights presents the GREATEST risk when granted to a new member of the system development staff?

AWrite access to development data libraries

BExecute access to development program libraries

CWrite access to production program libraries

DExecute access to production program libraries

Answer : A

Question 3

During a review of an organizations network threat response process, the IS auditor noticed that the majority of alerts were closed without resolution.

Management responded that those alerts were unworkable due to lack of actionable intelligence, and therefore the support team is allowed to close them. What is the BEST way for the auditor to address this situation?'

AFurther review closed unactioned alerts to identify mishandling of threats.

BOmit the finding from the report as this practice is in compliance with the current policy.

CRecommend that management enhance the policy and improve threat awareness training.

DReopen unactioned alerts and report to the audit committee.

Answer : A

Question 4

An organization needs to comply with data privacy regulations forbidding the display of personally identifiable information (Pll) on customer bills or receipts However it is a business requirement to display at least one attribute so that customers can verify the bills or receipts are intended for them What is the BEST recommendation?

AData encryption

BData tokenization

CData masking

DData sanitization

Answer : C

Question 5

An IS auditor is assessing the results of an organization's post-implementation review of a newly developed information system. Which of the following should be the auditor's MAIN focus?

ABenefits realization analysis has been completed

BThe disaster recovery plan (DRP) has been updated

CThe procurement contract has been closed

DLessons learned have been identified

Answer : B

Question 6

A senior auditor is reviewing work papers prepared by a junior auditor indicating that a finding was removed after the auditee said they corrected the problem. Which of the following is the senior auditor's MOST appropriate course of action?

AHave the finding reinstated

BAsk the auditee to retest

CRefer the issue to the audit director

DApprove the work papers as written

Answer : D

Question 7

Which of the following BEST ensures the quality and integrity of test procedures used in audit analytics?

ADeveloping and communicating test procedure best practices to audit teams

BCentralizing procedures and implementing change control

CDeveloping and implementing an audit data repository

DDecentralizing procedures and implementing periodic peer review

Answer : A

Isaca Certified Information Systems Auditor Exam Practice Test

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7