Valid CISA Dumps shared by ExamDiscuss.com for Helping Passing CISA Exam! ExamDiscuss.com now offer the newest CISA exam dumps, the ExamDiscuss.com CISA exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CISA dumps with Test Engine here:
Access CISA Dumps Premium Version
(1435 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 8/201
An organization developed a comprehensive three-year IT strategic plan Halfway into the plan a major legislative change impacting the organization is enacted Which oi the following should be management's NEXT course of action?
Correct Answer: C
- Question List (201q)
- Question 1: To ensure the integrity of a recovered database, which of th...
- Question 2: Which of the following BEST measures project progress?...
- Question 3: An organization allows its employees to use personal mobile ...
- Question 4: Which of the following would be of GREATEST concern to an IS...
- Question 5: Which of the following is the MOST effective control for pro...
- Question 6: Which of the following is the BEST indicator of the effectiv...
- Question 7: Which of the following is the MOST effective way to identify...
- 2 commentQuestion 8: An organization developed a comprehensive three-year IT stra...
- Question 9: During a disaster recovery audit, an IS auditor finds that a...
- Question 10: Which of the following should be reviewed FIRST when assessi...
- Question 11: What would be an IS auditors GREATEST concern when using a t...
- 2 commentQuestion 12: Which of the following areas of responsibility would cause t...
- Question 13: Which of the following should be of GREATEST concern to an I...
- Question 14: Which of the following is the BEST way to mitigate the risk ...
- Question 15: Which of the following is the GREATEST security risk associa...
- Question 16: Which of the following is an example of a preventive control...
- Question 17: An organization with high availability resource requirements...
- Question 18: When evaluating the management practices at a third-party or...
- Question 19: Compared to developing a system in-house, acquiring a softwa...
- Question 20: An IS auditor will be testing accounts payable controls by p...
- Question 21: Which of the following is MOST important for an IS auditor t...
- Question 22: Upon completion of audit work, an IS auditor should:...
- Question 23: An organization's enterprise architecture (EA) department de...
- Question 24: The BEST way to prevent fraudulent payments is to implement ...
- Question 25: An IS auditor is planning to audit an organization's infrast...
- Question 26: An organization's IT security policy states that user ID's m...
- Question 27: An IS auditor notes that IT and the business have different ...
- Question 28: A security company and service provider have merged and the ...
- 1 commentQuestion 29: Which of the following is MOST important lo have in place fo...
- Question 30: Which of the following is the MOST important difference betw...
- Question 31: An IS auditor is reviewing the implementation of an internat...
- Question 32: Which of the following should be the PRIMARY consideration f...
- Question 33: A sales representative is reviewing the organization's feedb...
- Question 34: During a systems development project, participation in which...
- Question 35: A project team evaluated vendor responses to a request for p...
- Question 36: Which of the following would provide the BEST evidence for u...
- Question 37: During an IT operations audit multiple unencrypted backup ta...
- Question 38: An organization s audit charter PRIMARILY:...
- Question 39: The information security function in a large organization is...
- Question 40: Within the context of an IT-related governance framework, wh...
- Question 41: When engaging services from external auditors, which of the ...
- Question 42: What is the BEST population to select from when testing that...
- Question 43: An IS auditor identifies key controls that have been overrid...
- Question 44: Which of the following should be the PRIMARY objective of a ...
- Question 45: Which of the following clauses is MOST important to include ...
- Question 46: An IS auditor s role in privacy and security is to:...
- Question 47: In assessing the priority given to systems covered in an org...
- Question 48: An effective implementation of security roles and responsibi...
- Question 49: An IS auditor reviewing a purchase accounting system notices...
- 2 commentQuestion 50: Which of the following would be the GREATEST risk associated...
- Question 51: Which of the following would be a result of utilizing a top-...
- Question 52: Which of the following is MOST critical to include when deve...
- Question 53: Which of the following is a corrective control that reduces ...
- Question 54: In the risk assessment process, which of the following shoul...
- Question 55: Which of the following is the PRIMARY risk when business uni...
- Question 56: An IS auditor conducting a follow-up audit learns that previ...
- Question 57: An IS auditor has been asked to assess the security of a rec...
- Question 58: Which of the following would be the MOST appropriate reason ...
- 1 commentQuestion 59: Which of the following observations should be of GREATEST co...
- Question 60: Which of the following technologies has the SMALLEST maximum...
- Question 61: An organization is in the process of deciding whether to all...
- 1 commentQuestion 62: Following the discovery of inaccuracies in a data warehouse,...
- Question 63: Which of the following can help ensure that IT deliverables ...
- Question 64: An IS auditor finds that periodic reviews of read-only users...
- Question 65: Which of the following is the MOST important factor when an ...
- Question 66: Which of the following is the BEST guidance from an IS audit...
- 1 commentQuestion 67: An IS auditor evaluating a three-tier client/server architec...
- Question 68: The objective of a vulnerability identification step in a ri...
- Question 69: Which of the following is the BEST way to minimize the impac...
- 1 commentQuestion 70: An IS department is evaluated monthly on its cost-revenue ra...
- 2 commentQuestion 71: An IS auditor is evaluating a virtual server environment and...
- Question 72: An IS audit reveals an organization's IT department reports ...
- Question 73: Which of the following should an IS auditor recommend to red...
- Question 74: Which of the following projects would be MOST important to r...
- Question 75: In an environment where most IT services have been outsource...
- Question 76: Reconciliations have identified data discrepancies between a...
- Question 77: An IS auditor has completed an audit of an organization's ac...
- 1 commentQuestion 78: Which of the following is the GREATEST advantage of vulnerab...
- Question 79: Which of the following is the MAIN purpose of data classific...
- Question 80: During business process reengineering (BPR) of a bank's tell...
- Question 81: Which of the following is the MOST significant risk associat...
- Question 82: A company converted its payroll system from an external serv...
- 2 commentQuestion 83: The risk of communication failure in an e-commerce environme...
- Question 84: Which of the following backup schemes is the BEST option whe...
- Question 85: During a review of the IT strategic plan, an IS auditor find...
- Question 86: An IS auditor intends to accept a management position in the...
- Question 87: Which of the following BEST ensures the quality and integrit...
- Question 88: An IT governance framework provides an organization with:...
- Question 89: Which of the following is the BEST justification for deferri...
- Question 90: A software development organization with offshore personnel ...
- Question 91: Which of the following is the BEST IS audit strategy?...
- Question 92: Which of the following should be an IS auditor's PRIMARY con...
- 1 commentQuestion 93: As part of a follow-up of a previous year's audit, an IS aud...
- Question 94: Which of the following is the BEST way to detect system secu...
- Question 95: In a high-volume, real-time system, the MOST effective techn...
- Question 96: What would be of GREATEST concern to an IS auditor observing...
- 2 commentQuestion 97: A new application will require multiple interfaces. Which of...
- 1 commentQuestion 98: During an operational audit of a biometric system used to co...
- Question 99: Which of the following is the BEST way to ensure that busine...
- Question 100: Which of the following is the GREATEST concern when an organ...
- Question 101: Which of the following should be the PRIMARY concern of an I...
- Question 102: An organization has outsourced its data leakage monitoring t...
- Question 103: An IS auditor is reviewing a network diagram. Which of the f...
- Question 104: When evaluating database management practices, which of the ...
- Question 105: Which of the following provides the MOST assurance over the ...
- Question 106: Which of the following should be an IS auditor's PRIMARY foc...
- Question 107: An organization has decided to implement a third-party syste...
- Question 108: Which of the following application input controls would MOST...
- Question 109: Which of the following physical controls will MOST effective...
- Question 110: To help ensure the accuracy and completeness of end-user com...
- Question 111: When deploying an application that was created using the pro...
- 1 commentQuestion 112: An IS auditor is planning an audit of an organization's acco...
- Question 113: Which of the following is the GREATEST concern with conducti...
- Question 114: Which of the following is the BEST source for describing the...
- Question 115: An IS auditor is following up on prior period items and find...
- Question 116: An IS auditor is reviewing the installation of a new server....
- Question 117: Which of the following should be of concern to an IS auditor...
- Question 118: Which of the following poses the GREATEST risk to a company ...
- Question 119: An IS auditor has completed an audit on the organization's I...
- Question 120: When evaluating an IT organizational structure, which of the...
- Question 121: The BEST method an organization can employ to align its busi...
- Question 122: An IS auditor finds a number of system accounts that do not ...
- Question 123: An organization plans to launch a social media presence as p...
- Question 124: What is BEST for an IS auditor to review when assessing the ...
- Question 125: An IS auditor finds that corporate mobile devices used by em...
- Question 126: Which of the following BEST demonstrates the degree of align...
- Question 127: Which of the following is the MOST effective control to ensu...
- Question 128: Which of the following audit procedures would be MOST conclu...
- Question 129: Which of the following is the MAIN advantage of using one-ti...
- Question 130: Which audit approach is MOST helpful in optimizing the use o...
- Question 131: Which of the following is the MOST important issue for an IS...
- Question 132: Which of the following findings should be of GREATEST concer...
- Question 133: Which of the following is the BEST approach to identify whet...
- Question 134: When using a wireless device, which of the following BEST en...
- Question 135: An IS auditor is examining a front-end sub ledger and a main...
- Question 136: Due to system limitations, segregation of duties (SoD) canno...
- Question 137: During the post-implementation review of an application that...
- Question 138: During an exit interview senior management disagrees with so...
- Question 139: Which of the following would be the MOST significant factor ...
- Question 140: When developing a business continuity plan (BCP), which of t...
- Question 141: Which of the following focus areas is a responsibility of IT...
- Question 142: Which of the following is the BEST reason to utilize blockch...
- Question 143: For an organization that has plans to implement web-based tr...
- Question 144: After delivering an audit report, the audit manager discover...
- Question 145: A company uses a standard form to document and approve all c...
- Question 146: Which of the following is MOST important for an effective co...
- Question 147: An IS auditor is using data analytics in an audit and has ob...
- Question 148: An organization recently implemented a data loss prevention ...
- Question 149: An IS auditor finds the timeliness and depth of information ...
- Question 150: Which of the following is found in an audit charter?...
- Question 151: Which of the following would be an appropriate role of inter...
- Question 152: Which of the following should be of MOST concern lo an IS au...
- Question 153: In which phase of penetration testing would host detection a...
- Question 154: A bank has implemented a new accounting system. Which of the...
- Question 155: Which of the following is the PRIMARY objective of implement...
- Question 156: To protect information assets, which of the following should...
- Question 157: The maturity level of an organization s problem management s...
- Question 158: Which of the following is the MOST effective way to minimize...
- Question 159: When deciding whether a third party can be used in resolving...
- Question 160: After an external IS audit, which of the following should be...
- Question 161: An IS auditor is reviewing security policies and finds no me...
- Question 162: What should be the PRIMARY basis for scheduling a follow-up ...
- Question 163: A financial institution is launching a mobile banking servic...
- Question 164: Of the following, who should approve a release to a critical...
- Question 165: An organization's IT security policy requires annual securit...
- Question 166: The FIRST course of action an investigator should take when ...
- Question 167: Which of the following is MOST important to ensure during co...
- Question 168: During a review of an application system, an IS auditor iden...
- Question 169: Which of the following should be done FIRST to effectively d...
- Question 170: Which of the following is the BEST way to mitigate the risk ...
- Question 171: Which of the following findings should be of GREATEST concer...
- Question 172: Which of the following is the GREATEST threat to Voice-over ...
- Question 173: Which of the following techniques would provide the BEST ass...
- Question 174: An organization decides to establish a formal incident respo...
- Question 175: An IS auditor is reviewing an enterprise database platform. ...
- Question 176: Capacity management enables organizations to:...
- Question 177: Which of the following factors constitutes a strength in reg...
- Question 178: Which of the following is MOST influential when defining dis...
- Question 179: Which of the following sampling techniques is BEST to use wh...
- Question 180: Which of the following is the BEST control to mitigate the m...
- Question 181: Which of the following is a preventive control related to ch...
- Question 182: What is the BEST justification for allocating more funds to ...
- Question 183: Which of the following will MOST likely compromise the contr...
- Question 184: Which of the following should be the FIRST step in an organi...
- Question 185: Which of the following is the GREATEST benefit of utilizing ...
- Question 186: Which of the following presents the GREATEST concern when im...
- Question 187: Which of the following poses the GREATEST security risk when...
- Question 188: Which of the following observations noted during a review of...
- Question 189: A multinational organization is integrating its existing pay...
- Question 190: Which of the following observations should be of GREATEST co...
- Question 191: Which of the following is the BEST sampling method when perf...
- Question 192: Which of the following provides an IS auditor with the BEST ...
- Question 193: Which of the following is the PRIMARY benefit of using a cap...
- Question 194: Which of the following is the BEST solution to minimize risk...
- Question 195: Which of the following is a PRIMARY role of an IS auditor in...
- Question 196: After the release of an application system, an IS auditor wa...
- Question 197: During the design phase of a software development project, t...
- Question 198: An audit of the quality management system (QMS) begins with ...
- Question 199: When evaluating the recent implementation of an intrusion de...
- Question 200: To create a digital signature in a message using asymmetric ...
- Question 201: A bank is relocating its servers to a vendor that provides d...
Recent Comments (The most recent comments are at the top.)
correct to my previous comment :
let's say legislative change came in guidelines of senitive data storage, but our buiness may not deals with that sensitive data at all . so we are not going to be affected by the change right , so we do rik assessment oly when changes effect us(operations) hence correct answer is A
same question was there in another exam also , hence got confused a little
Since the plan is already in progress, the management action would be to check whether legislative change can impact the current operation, that would be done by risk assessment ,since Risk assessments recognize all of the risks that have the potential to impact the organization’s operations
There Is no need to update it strategic plan directly, as output of risk assessment, update in IT strategy may be required but it’s not necessary to directly assess and update IT strategy plan.
Since legislative change would affect IT operation and risk assessment assess impact on operation hence risk assessment should be done
https://advisera.com/27001academy/knowledgebase/risk-assessment-vs-business-impact-analysis/
https://ipspecialist.net/risk-assessment-vs-business-impact-analysis/
https://itgovernance.co.uk/blog/whats-the-difference-between-a-risk-assessment-and-a-business-impact-analysis