ISACA CISA Practice Exams
Last updated on 08.09.2025
- Exam code: CISA
- Exam name: Certified Information Systems Auditor
- Certification provider: ISACA
An IS auditor discovers that an IT organization serving several business units assigns equal priority to all initiatives, creating a risk of delays in securing project funding. Which of the following would be MOST helpful in matching demand for projects and services with available resources in a way that supports business objectives?
- A . Project management
- B . Risk assessment results
- C . IT governance framework
- D . Portfolio management
Retention periods and conditions for the destruction of personal data should be determined by the:
- A . risk manager.
- B . database administrator (DBA).
- C . privacy manager.
- D . business owner.
Which of the following is the PRIMARY purpose of a rollback plan for a system change?
- A . To ensure steps exist to remove the change if necessary
- B . To ensure testing can be re-performed if required
- C . To ensure a backup exists before implementing a change
- D . To ensure the system change is effective
Of the following, who should be responsible for cataloging and inventorying robotic process automation (RPA) processes?
- A . IT personnel
- B . Business owner
- C . Information security personnel
- D . Data steward
An IS auditor is conducting an IT governance audit and notices many initiatives are managed informally by isolated project managers.
Which of the following recommendations would have the GREATEST impact on improving the maturity of the IT team?
- A . Schedule a follow-up audit in the next year to confirm whether IT processes have matured.
- B . Create an interdisciplinary IT steering committee to oversee IT prioritization and spending.
- C . Document and track all IT decisions in a project management tool.
- D . Discontinue all current IT projects until formal approval is obtained and documented.
Which of the following is the PRIMARY benefit of benchmarking an organization’s software development lifecycle practices against a capability maturity model?
- A . Reliable products are guaranteed.
- B . Repeatable software development procedures are established.
- C . Programmers’ efficiency is improved.
- D . Security requirements are added to software development processes.
When reviewing the disaster recovery strategy, IT management identified an application that requires a short recovery point objective (RPO).
Which of the following data restoration strategies would BEST enable the organization to meet this objective?
- A . Snapshots
- B . Mirroring
- C . Log shipping
- D . Data backups
Which of the following BEST demonstrates alignment of the IT department with the corporate mission?
- A . Analysis of IT department functionality
- B . Biweekly reporting to senior management
- C . Annual board meetings
- D . Quarterly steering committee meetings
A system development project is experiencing delays due to ongoing staff shortages.
Which of the following strategies would provide the GREATEST assurance of system quality at implementation?
- A . Implement overtime pay and bonuses for all development staff.
- B . Utilize new system development tools to improve productivity.
- C . Recruit IS staff to expedite system development.
- D . Deliver only the core functionality on the initial target date.
Which of the following is the BEST reason for an IS auditor to emphasize to management the importance of using an IT governance framework?
- A . Frameworks enable IT benchmarks against competitors
- B . Frameworks can be tailored and optimized for different organizations
- C . Frameworks help facilitate control self-assessments (CSAs)
- D . Frameworks help organizations understand and manage IT risk