ISACA-CISA

Which of the following should be of GREATEST concern to an IS auditor reviewing an organization's business continuity plan (BCP)?

Which of the following is the BEST way to ensure that an application is performing according to its specifications?

While auditing a small organization's data classification processes and procedures, an IS auditor noticed that data is often classified at the incorrect level. What is the MOST effective way for the organization to improve this situation?

Which of the following should be the GREATEST concern for an IS auditor performing a post-implementation review for a major system upgrade?

Which of the following observations noted by an IS auditor reviewing internal IT standards is MOST important to address?

Which of the following provides the MOST useful information for performing a business impact analysis (BIA)?

When auditing the feasibility study of a system development project, the IS auditor should:

Which of the following observations should be of GREATEST concern to an IS auditor when auditing web application security control as part of an IT general controls audit?

Transaction records from a business database were inadvertently deleted, and system operators decided to restore from a snapshot copy. Which of the following provides the BEST assurance that the transactions were recovered successfully?

Which of the following will BEST ensure that a proper cutoff has been established to reinstate transactions and records to their condition just prior to a computer system failure?

Critical processes are not defined in an organization's business continuity plan (BCP). Which of the following would have MOST likely identified the gap?

When auditing the closing stages of a system development project, which of the following should be the MOST important consideration?

Following a breach, what is the BEST source to determine the maximum amount of time before customers must be notified that their personal information may have been compromised?

A client/server configuration will:

The PRIMARY benefit of information asset classification is that it:

An IS auditor reviewing an organization’s IT systems finds that the organization frequently purchases systems that are incompatible with the technologies already in the organization. Which of the following is the MOST likely reason?

Which of the following staff should an IS auditor interview FIRST to obtain a general overview of the various technologies used across different programs?

Which of the following controls helps to ensure that data extraction queries run by the database administrator (DBA) are monitored?

In a typical network architecture used for e-commerce, a load balancer is normally found between the:

During an audit of a financial application, it was determined that many terminated users' accounts were not disabled. Which of the following should be the IS auditor's NEXT step?

Which of the following should be done by an IS auditor during a post-implementation review of a critical application that has been operational for six months?

Which of the following types of testing would BEST mitigate the risk of a newly implemented system adversely impacting existing systems?

Which of the following would be of GREATEST concern to an IS auditor reviewing an organization's security incident handling procedures?

Which of the following is the MOST important consideration for an organization when strategizing to comply with privacy regulations?

Which of the following should an IS auditor review FIRST during the audit of an organization's business continuity plan (BCP)?