CISA Study Notes Questions & 100% Correct Answers
Uploaded on: September 9, 2024
Number of pages: 38
Written in: 2024/2025
Type: Exam (elaborations)
Contains: Questions & answers
Institution: CISA
Course: CISA
1 | P a g e | © copyright 2024/2025 | Grade A+
Who is responsible for imposing an IT governance model encompassing IT strategy,
information security, and formal enterprise architectural mandates?
✓ :~~ IT executives and the Board of Directors
The party that performs strategic planning, addresses near-term and long-term
requirements aligning business objectives, and technology strategies.
✓ :~~ The Steering Committee
What three elements allow validation of business practices against acceptable
measures of regulatory compliance, performance, and standard operational
guidelines?
✓ :~~ (1.) Policies (2.) Procedures (3.) Standards
What activity involves the identification of potential risk and the appropriate
response for each threat based on impact assessment using qualitative and/or
quantitative measures for an enterprise-wide risk management strategy?
✓ :~~ Risk Management
IT Governance is most concerned with....
✓ :~~ IT Strategy
Master01 | September, 2024/2025 | Latest update
Describe the advantages of outsourcing.
✓ :~~ Outsourcing is an opportunity for the organization to focus on core
competencies. When an organization outsources a business function, it no
longer needs to be concerned about training employees in that function.
Outsourcing does not always reduce costs, because cost reduction is not
always the primary goal of outsourcing.
An external IS auditor has discovered a segregation of duties issue in a high value
process. What is the best action for the auditor to take?
✓ :~~ The external auditor can only document the finding in the audit report.
An external auditor is not in a position to implement controls.
An organization has chosen to open a business office in another country where
labor costs are lower and has hired workers to perform business functions there.
This organization has done what?
✓ :~~ The organization is insourcing - while they may have opened the office
in a foreign country, they have hired locals to do the work as opposed to
contracting with a third party.
An organization has discovered that some of its employees have criminal records.
What is the best course of action for the organization to take?
✓ :~~ The organization should have background checks performed on all of its
existing employees and also begin instituting background checks of all
new-hires. It is not necessarily required to terminate the employees - their
offenses may not warrant termination.
The options for Risk Treatment are:
✓ :~~ Risk Mitigation, Risk Avoidance, Risk Transfer, Risk Acceptance
Annualized Loss Expectancy (ALE) is defined as:
✓ :~~ ALE is the annual expected loss to an asset. It is calculated as the
single loss expectancy (SLE) × the annualized rate of occurrence (ARO).
A quantitative risk analysis is more difficult to perform because:
✓ :~~ It is difficult to get accurate figures on the frequency of specific
threats. It is difficult to determine the probability that a threat will be
realized. It is relatively easy to determine the value of an asset and the
impact of a threat event.
An IS auditor is examining the IT standards document for an organization that was
last reviewed two years earlier. The best course of action for the IS auditor is:
✓ :~~ Report that the IT standards are not being reviewed often enough. Two
years is far too long between reviews of IT standards.
The purpose of a Balanced Scorecard is:
✓ :~~ To measure organizational performance and effectiveness against
strategic goals.
The 4-item focus of a Balanced Scorecard is:
✓ :~~ (1.) Financial (2.) Customer (3.) Internal processes (4.) Innovation /
Learning
The audit program is an audit strategy and plans that include:
✓ :~~ (1.) Scope (2.) Objectives (3.) Resources (4.) Procedures used to
evaluate controls and processes
IS auditors can stay current with technology through the following means:
✓ :~~ (1.) training courses (2.) webinars (3.) ISACA chapter training events
(4.) Industry conferences
Name the three Types of Controls
✓ :~~ (1.) Physical (2.) Technical (3.) Administrative
Name the two Categories of Controls
✓ :~~ (1.) Automatic (2.) Manual