ISACA CISA Exam (page: 46)
ISACA Certified Information Systems Auditor
Updated on: 25-Dec-2025

Viewing Page 46 of 366

An employee approaches an IS auditor and expresses concern about a critical security issue in a newly installed application. Which of the following would be the MOST appropriate action for the auditor to take?

  1. Discuss the concern with audit management.
  2. Recommend reverting to the previous application.
  3. Immediately conduct a review of the application.
  4. Discuss the concern with additional end users.

Answer(s): A



An organization has outsourced its data processing function to a service provider. Which of the following would BEST determine whether the service provider continues to meet the organization's objectives?

  1. Periodic audits of controls by an independent auditor
  2. Adequacy of the service provider's insurance
  3. Assessment of the personnel training processes of the provider
  4. Review of performance against service level agreements (SLAs)

Answer(s): D



The PRIMARY objective of value delivery in reference to IT governance is to:

  1. increase efficiency.
  2. optimize investments.
  3. ensure compliance.
  4. promote best practices.

Answer(s): B



What is the MAIN purpose of an organization's internal IS audit function?

  1. Provide assurance to management about the effectiveness of the organization's risk management and internal controls.
  2. Identify and initiate necessary changes in the control environment to help ensure sustainable improvement.
  3. Review the organization's policies and procedures against industry best practice and standards.
  4. Independently attest the organization's compliance with applicable legal and regulatory requirements.

Answer(s): A



Following a recent internal data breach, an IS auditor was asked to evaluate information security practices within the organization. Which of the following findings would be MOST important to report to senior management?

  1. Employees are not required to sign a non-compete agreement.
  2. Security education and awareness workshops have not been completed.
  3. Users lack technical knowledge related to security and data protection.
  4. Desktop passwords do not require special characters.

Answer(s): C






Share your comments for ISACA CISA exam with other users:

Mike 8/20/2023 5:12:00 PM

The exam dumps are helping me get a solid foundation on the practical techniques and practices needed to be successful in the auditing world.
UNITED STATES


Sam 8/31/2023 10:32:00 AM

Not bad but you question database from ISACA
MALAYSIA


Deno 10/25/2023 1:14:00 AM

I failed the CISA exam today. But I have found all the questions that were on the exam to be on this site.
Anonymous