ISACA CISA CERTIFICATION EXAM
QUESTIONS AND ANSWERS 100%
CORRECT
Question: 1
An IT balanced scorecard is the MOST effective means of monitoring: - ANSWER-A.
governance of enterprise IT.
B. control effectiveness.
C. return on investment (ROI).
D. change management effectiveness.
Question: 4
Which of the following is the BEST data integrity check? - ANSWER-A. Counting the
transactions processed per day
B. Performing a sequence check
C. Tracing data back to the point of origin
D. Preparing and running test data
Question: 5
Spreadsheets are used to calculate project cost estimates. Totals for each cost
category are then keyed into the job-costing system. What is the BEST control to
ensure that data is accurately entered into the system? - ANSWER-
Question: 2
When reviewing an organization's information security policies, an IS auditor should
verify that the policies have been defined PRIMARILY on the basis of: - ANSWER-A. a
risk management process.
B. an information security framework.
C. past information security incidents.
D. industry best practices.
Question: 3
Which of the following would be an IS auditor's GREATEST concern when reviewing the
early stages of a software development project? - ANSWER-A. The lack of technical
documentation to support the program code
B. The lack of completion of all requirements at the end of each sprint
C. The lack of acceptance criteria behind user requirements.
D. The lack of a detailed unit and system test plan
QUESTIONS AND ANSWERS 100%
CORRECT
Question: 1
An IT balanced scorecard is the MOST effective means of monitoring: - ANSWER-A.
governance of enterprise IT.
B. control effectiveness.
C. return on investment (ROI).
D. change management effectiveness.
Question: 4
Which of the following is the BEST data integrity check? - ANSWER-A. Counting the
transactions processed per day
B. Performing a sequence check
C. Tracing data back to the point of origin
D. Preparing and running test data
Question: 5
Spreadsheets are used to calculate project cost estimates. Totals for each cost
category are then keyed into the job-costing system. What is the BEST control to
ensure that data is accurately entered into the system? - ANSWER-
Question: 2
When reviewing an organization's information security policies, an IS auditor should
verify that the policies have been defined PRIMARILY on the basis of: - ANSWER-A. a
risk management process.
B. an information security framework.
C. past information security incidents.
D. industry best practices.
Question: 3
Which of the following would be an IS auditor's GREATEST concern when reviewing the
early stages of a software development project? - ANSWER-A. The lack of technical
documentation to support the program code
B. The lack of completion of all requirements at the end of each sprint
C. The lack of acceptance criteria behind user requirements.
D. The lack of a detailed unit and system test plan
