CISA Study Guide questions with correct answers

Who is responsible for imposing an IT governance model encompassing IT strategy, information security, and formal enterprise architectural mandates? Correct Answer-IT executives and the Board of Directors The party that performs strategic planning, addresses near-term and long-term requirements aligning business objectives, and technology strategies. Correct Answer-The Steering Committee What three elements allow validation of business practices against acceptable measures of regulatory compliance, performance, and standard operational guidelines. Correct Answer-(1.) Polices (2.) Procedures (3.) Standards What activity involves the identification of potential risk and the appropriate response for each threat based on impact assessment using qualitative and/or quantitative measures for an enterprise-wide risk management strategy? Correct Answer-Risk Management IT Governance is most concerned with.... Correct Answer-IT Strategy Describe the advantages of outsourcing. Correct Answer-Outsourcing is an opportunity for the organization to focus on core competencies. When an organization oursources a business function, it no longer needs to be concerned about training employees in that function. Outsources does not always reduce costs, because cost reduction is not always the primary goal of oursourcing. An external IS auditor has discovered a segregation of duties issue in a high value process. What is the best action for the auditor to take? Correct Answer-The external auditor can only document the fi