ISACA CISA Übungsprüfungen
Zuletzt aktualisiert am 09.09.2025- Prüfungscode: CISA
- Prüfungsname: Certified Information Systems Auditor
- Zertifizierungsanbieter: ISACA
- Zuletzt aktualisiert am: 09.09.2025
Which of the following BEST Indicates that an incident management process is effective?
- A . Decreased time for incident resolution
- B . Increased number of incidents reviewed by IT management
- C . Decreased number of calls lo the help desk
- D . Increased number of reported critical incidents
During an external review, an IS auditor observes an inconsistent approach in classifying system criticality within the organization.
Which of the following should be recommended as the PRIMARY factor to determine system criticality?
- A . Recovery point objective (RPO)
- B . Maximum allowable downtime (MAD)
- C . Mean time to restore (MTTR)
- D . Key performance indicators (KPls)
Which of the following would be a result of utilizing a top-down maturity model process?
- A . A means of benchmarking the effectiveness of similar processes with peers
- B . A means of comparing the effectiveness of other processes within the enterprise
- C . Identification of older, more established processes to ensure timely review
- D . Identification of processes with the most improvement opportunities
An organization has outsourced its data processing function to a service provider.
Which of the following would BEST determine whether the service provider continues to meet the organization s objectives?
- A . Assessment of the personnel training processes of the provider
- B . Adequacy of the service provider’s insurance
- C . Review of performance against service level agreements (SLAs)
- D . Periodic audits of controls by an independent auditor
Which of the following documents would be MOST useful in detecting a weakness in segregation of duties?
- A . System flowchart
- B . Data flow diagram
- C . Process flowchart
- D . Entity-relationship diagram
Which of the following is the PRIMARY benefit of operational log management?
- A . It enhances user experience via predictive analysis.
- B . It improves security with real-time monitoring of network data.
- C . It organizes data to identify performance issues.
- D . It supports data aggregation using unified storage.
Which of the following is the BEST way to foster continuous improvement of IS audit processes and practices?
- A . Invite external auditors and regulators to perform regular assessments of the IS audit function.
- B . Implement rigorous managerial review and sign-off of IS audit deliverables.
- C . Frequently review IS audit policies, procedures, and instruction manuals.
- D . Establish and embed quality assurance (QA) within the IS audit function.
Which of the following should be of MOST concern to an IS auditor reviewing the information systems acquisition, development, and implementation process?
- A . Data owners are not trained on the use of data conversion tools.
- B . A post-implementation lessons-learned exercise was not conducted.
- C . There is no system documentation available for review.
- D . System deployment is routinely performed by contractors.
The PRIMARY role of an IS auditor in the remediation of problems found during an audit engagement is to:
- A . help auditee management by providing the solution.
- B . explain the findings and provide general advice.
- C . present updated policies to management for approval.
- D . take ownership of the problems and oversee remediation efforts.
Which of the following is an analytical review procedure for a payroll system?
- A . Performing reasonableness tests by multiplying the number of employees by the average wage rate
- B . Evaluating the performance of the payroll system using benchmarking software
- C . Performing penetration attempts on the payroll system
- D . Testing hours reported on time sheets