CISA Exam (Information Systems Auditing Process) 2
VERSIONS 2026-2027 COMPLETE QUESTIONS AND
VERIFIED SOLUTIONS LATEST UPDATE THIS YEAR
CISA Exam 1
QUESTION: Which of the following choices BEST helps information owners to properly classify
data?
a. Understanding of technical controls that protect data
b. Training on organizational policies and standards
c. Use of an automated data leak prevention tool
d. Understanding which people need to access the data - ANSWER-b. Training on organizational
policies and standards
QUESTION: An IS auditor is evaluating the IT governance framework of an organization. Which
of the following is the GREATEST concern?
a. Senior management has limited involvement.
b. Return on investment is not measured.
c. Chargeback of IT cost is not consistent.
d. Risk appetite is not quantified - ANSWER-a. Senior management has limited involvement.
QUESTION: The most common reason for the failure of information systems to meet the needs
of users is that:
a. user needs are constantly changing.
b. the growth of system requirements was forecast inaccurately.
c. the hardware system limits the number of concurrent users.
d. user participation in defining the system's requirements was inadequate. - ANSWER-d. user
participation in defining the system's requirements was inadequate.
QUESTION: A programmer maliciously modified a production program to change data and then
restored it back to the original code. Which of the following would MOST effectively detect the
malicious activity?
a. Comparing source code
b. Reviewing system log files
c. Comparing object code
d. Reviewing executable and source code integrity - ANSWER-b. Reviewing system log files
QUESTION: An IS auditor has been asked by management to review a potentially fraudulent transaction.
The PRIMARY focus of an IS auditor while evaluating the transaction should be to:
a. maintain impartiality while evaluating the transaction.
b. ensure that the independence of an IS auditor is maintained.
c. assure that the integrity of the evidence is maintained.
d. assess all relevant evidence for the transaction. - ANSWER-c. assure that the integrity of the
evidence is maintained.
(Domain 5: Protection of Information Assets 5B6 Evidence Collection and Forensics)
QUESTION: Which of the following recovery strategies is MOST appropriate for a business
having multiple offices within a region and a limited recovery budget?
a. A hot site maintained by the business
b. A commercial cold site
c. A reciprocal arrangement between its offices
d. A third-party hot site - ANSWER-c. A reciprocal arrangement between its offices
(Domain 4: Information Systems Operations and Business Resilience 4B4 Business Continuity Plan (BCP))
QUESTION: An IS auditor has found that employees are emailing sensitive company information
to public web-based email domains. Which of the following is the BEST remediation option for
the IS auditor to recommend?
a. Encrypted mail accounts
b. Training and awareness
c. Activity monitoring
d. Data loss prevention - ANSWER-d. Data loss prevention
QUESTION: Many IT projects experience problems because the development time and/or
resource requirements are underestimated. Which of the following techniques provides the
GREATEST assistance in developing an estimate of project duration?
a. Function point analysis