ISACA CISA Exam (page: 55)
ISACA Certified Information Systems Auditor
Updated on: 02-Jan-2026

Viewing Page 55 of 366

During an audit of a disaster recovery plan (DRP) for a critical business area, an IS auditor finds that not all critical systems are covered. What should the auditor do NEXT?

  A. Evaluate the impact of not covering the systems
  B. Escalate the finding to senior management
  C. Evaluate the prior year's audit results regarding critical system coverage
  D. Verify whether the systems are part of the business impact analysis (BIA)

Answer(s): D



Due to a recent business divestiture, an organization has limited IT resources to deliver critical projects. Reviewing the IT staffing plan against which of the following would BEST guide IT management when estimating resource requirements for future projects?

  A. Peer organization staffing benchmarks
  B. Human resources (HR) sourcing strategy
  C. Budgeted forecast for the next financial year
  D. Records of actual time spent on projects

Answer(s): D



A bank's web-hosting provider has just completed an internal IT security audit and provides only a summary of the findings to the bank's auditor. Which of the following should be the bank's GREATEST concern?

  A. The audit scope may not have addressed critical areas.
  B. The audit procedures are not provided to the bank.
  C. The bank's auditors are not independent of the service provider.
  D. The audit may be duplicative of the bank's internal audit procedures.

Answer(s): A



An incorrect version of source code was amended by a development team. This MOST likely indicates a weakness in:

  A. change management.
  B. project management.
  C. incident management.
  D. quality assurance (QA).

Answer(s): D



An organization allows employees to retain confidential data on personal mobile devices. Which of the following is the BEST recommendation to mitigate the risk of data leakage from lost or stolen devices?

  A. Configure to auto-wipe after multiple failed access attempts.
  B. Require employees to attend security awareness training.
  C. Enable device auto-lock function.
  D. Password protect critical data files.

Answer(s): A






Share your comments for ISACA CISA exam with other users:

Mike 8/20/2023 5:12:00 PM

The exam dumps are helping me get a solid foundation on the practical techniques and practices needed to be successful in the auditing world.
UNITED STATES


Sam 8/31/2023 10:32:00 AM

Not bad but you question database from ISACA
MALAYSIA


Deno 10/25/2023 1:14:00 AM

I failed the CISA exam today, but I have found all the questions that were on the exam to be on this site.
Anonymous