search

Which of following would an IS auditor consider to be most important when evaluating an Organisations IS strategy that it?

1 anos atrás
Comentários: 0
Visualizações: 153

Show

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

Which of following would an IS auditor consider to be most important when evaluating an Organisations IS strategy that it?

CISA Question 661

Question

When reviewing IS strategies, an IS auditor can BEST assess whether IS strategy supports the organizations’ business objectives by determining if IS:

A. has all the personnel and equipment it needs. B. plans are consistent with management strategy. C. uses its equipment and personnel efficiently and effectively.

D. has sufficient excess capacity to respond to changing directions.

Answer

B. plans are consistent with management strategy.

Explanation

Determining if the IS plan is consistent with management strategy relates IS/IT planning to business plans. Choices A, C and D are effective methods for determining the alignment of IS plans with business objectives and the organization’s strategies.

CISA Question 662

Question

An IS auditor reviewing an organization’s IT strategic plan should FIRST review:

A. the existing IT environment. B. the business plan. C. the present IT budget.

D. current technology trends.

Answer

B. the business plan.

Explanation

The IT strategic plan exists to support the organization’s business plan. To evaluate the IT strategic plan, an IS auditor would first need to familiarize themselves with the business plan.

CISA Question 663

Question

Which of the following would an IS auditor consider to be the MOST important when evaluating an organization’s IS strategy? That it:

A. has been approved by line management. B. does not vary from the IS department’s preliminary budget. C. complies with procurement procedures.

D. supports the business objectives of the organization.

Answer

D. supports the business objectives of the organization.

Explanation

Strategic planning sets corporate or department objectives into motion. Both long-term and short- term strategic plans should be consistent with the organization’s broader plans and business objectives for attaining these goals. Choice A is incorrect since line management prepared the plans.

CISA Question 664

Question

Which of the following goals would you expect to find in an organization’s strategic plan?

A. Test a new accounting package. B. Perform an evaluation of information technology needs. C. Implement a new project planning system within the next 12 months.

D. Become the supplier of choice for the product offered.

Answer

D. Become the supplier of choice for the product offered.

Explanation

Strategic planning sets corporate or departmental objectives into motion. Comprehensive planning helps ensure an effective and efficient organization. Strategic planning is time- and project-oriented, but also must address and help determine priorities to meet business needs.
Long- and short-range plans should be consistent with the organization’s broader plans for attaining their goals. Choice D represents a business objective that is intended to focus the overall direction of the business and would thus be a part of the organization’s strategic plan. The other choices are project-oriented and do not address business objectives.

CISA Question 665

Question

Which of the following would an IS auditor consider the MOST relevant to short-term planning for an IS department?

A. Allocating resources B. Keeping current with technology advances C. Conducting control self-assessment

D. Evaluating hardware needs

Answer

A. Allocating resources

Explanation

The IS department should specifically consider the manner in which resources are allocated in the short term. Investments in IT need to be aligned with top management strategies, rather than focusing on technology for technology’s sake. Conducting control self-assessments and evaluating hardware needs are not as critical as allocating resources during short-term planning for the IS department.

CISA Question 666

Question

In reviewing the IS short-range (tactical) plan, an IS auditor should determine whether:

A. there is an integration of IS and business staffs within projects. B. there is a clear definition of the IS mission and vision. C. a strategic information technology planning methodology is in place.

D. the plan correlates business objectives to IS goals and objectives.

Answer

A. there is an integration of IS and business staffs within projects.

Explanation

The integration of IS and business staff in projects is an operational issue and should be considered while reviewing the short-range plan. A strategic plan would provide a framework for the IS short-range plan. Choices B, C and D are areas covered by a strategic plan.

CISA Question 667

Question

To support an organization’s goals, an IS department should have:

A. a low-cost philosophy. B. long- and short-range plans. C. leading-edge technology.

D. plans to acquire new hardware and software.

Answer

B. long- and short-range plans.

Explanation

To ensure its contribution to the realization of an organization’s overall goals, the IS department should have long- and short-range plans that are consistent with the organization’s broader plans for attaining its goals. Choices A and C are objectives, and plans would be needed to delineate how each of the objectives would be achieved. Choice D could be a part of the overall plan but would be required only if hardware or software is needed to achieve the organizational goals.

CISA Question 668

Question

Which of the following is normally a responsibility of the chief security officer (CSO)?

A. Periodically reviewing and evaluating the security policy B. Executing user application and software testing and evaluation C. Granting and revoking user access to IT resources

D. Approving access to data and applications

Answer

A. Periodically reviewing and evaluating the security policy

Explanation

The role of a chief security officer (CSO) is to ensure that the corporate security policy and controls are adequate to prevent unauthorized access to the company assets, including data, programs and equipment. User application and other software testing and evaluation normally are the responsibility of the staff assigned to development and maintenance. Granting and revoking access to IT resources is usually a function of network or database administrators. Approval of access to data and applications is the duty of the data owner.

CISA Question 669

Question

Which of the following is a risk of cross-training?

A. Increases the dependence on one employee B. Does not assist in succession planning C. One employee may know all parts of a system

D. Does not help in achieving a continuity of operations

Answer

C. One employee may know all parts of a system

Explanation

When cross-training, it would be prudent to first assess the risk of any person knowing all parts of a system and what exposures this may cause. Cross-training has the advantage of decreasing dependence on one employee and, hence, can be part of succession planning. It also provides backup for personnel in the event of absence for any reason and thereby facilitates the continuity of operations.

CISA Question 670

Question

Which of the following is the BEST performance criterion for evaluating the adequacy of an organization’s security awareness training?

A. Senior management is aware of critical information assets and demonstrates an adequate concern for their protection. B. Job descriptions contain clear statements of accountability for information security. C. In accordance with the degree of risk and business impact, there is adequate funding for security efforts.

D. No actual incidents have occurred that have caused a loss or a public embarrassment.

Answer

B. Job descriptions contain clear statements of accountability for information security.

Explanation

Inclusion in job descriptions of security responsibilities is a form of security training and helps ensure that staff and management are aware of their roles with respect to information security. The other three choices are not criterion for evaluating security awareness training. Awareness is a criterion for evaluating the importance that senior management attaches to information assets and their protection. Funding is a criterion that aids in evaluating whether security vulnerabilities are being addressed, while the number of incidents that have occurred is a criterion for evaluating the adequacy of the risk management program.

QUESTION 376Which of the following would an IS auditor consider to be the MOST important when evaluating an organization's IS strategy? That it:A.has been approved by line management.B.does not vary from the IS department's preliminary budget.C.complies with procurement procedures.D.supports the business objectives of the organization.

Q&A When

Postagens relacionadas

What is converse inverse and contrapositive of following statement if x is a prime number then x is odd?
What is converse inverse and contrapositive of following statement if x is a prime number then x is odd?

What are the similarities and differences between the Haitian and Latin American revolutions?
What are the similarities and differences between the Haitian and Latin American revolutions?

What is the total magnification when a 40x objective lens and a 10X projection lens are used in a compound microscope?
What is the total magnification when a 40x objective lens and a 10X projection lens are used in a compound microscope?

Vamos relembrar duas frações são equivalentes quando têm o mesmo valor em relação a mesma unidade
Vamos relembrar duas frações são equivalentes quando têm o mesmo valor em relação a mesma unidade

When a patient has a chemical burn to the eye you should irrigate the eye for at least 5 minutes?
When a patient has a chemical burn to the eye you should irrigate the eye for at least 5 minutes?

Who is statistically better Michael Jordan or LeBron James?
Who is statistically better Michael Jordan or LeBron James?

What time do the st louis cardinals play tonight
What time do the st louis cardinals play tonight

When partners in a conflict use different but mutually reinforcing behaviors This is known as a?
When partners in a conflict use different but mutually reinforcing behaviors This is known as a?

O que e preciso fazer para evitar essa crise
O que e preciso fazer para evitar essa crise

In order to redirect a file to the standard input of a command, what metacharacter should be used?
In order to redirect a file to the standard input of a command, what metacharacter should be used?

Best way to season ribs for the oven
Best way to season ribs for the oven

Where to buy sk8 the infinity manga
Where to buy sk8 the infinity manga

Esqueci de tomar o antibiótico na hora certa o que fazer
Esqueci de tomar o antibiótico na hora certa o que fazer

What is the correct order in which sound waves are transmitted through the ear I tympanic membrane II ossicles III external auditory canal IV cochlea?
What is the correct order in which sound waves are transmitted through the ear I tympanic membrane II ossicles III external auditory canal IV cochlea?

Which is the correct order of events of sound transmission through the ear 1 sound waves strike the eardrum?
Which is the correct order of events of sound transmission through the ear 1 sound waves strike the eardrum?

2022 mazda cx-5 grand touring reserve vs signature
2022 mazda cx-5 grand touring reserve vs signature

How do you make glasses on little alchemy?
How do you make glasses on little alchemy?

What is the 5 benefits in planting trees?
What is the 5 benefits in planting trees?

The Nine Lives of Chloe King Alek
The Nine Lives of Chloe King Alek

Where can I watch Rick and Morty
Where can I watch Rick and Morty

Publicidade

ÚLTIMAS NOTÍCIAS

How many factors of 400 are not multiples of 2
1 anos atrás . por WhisperedBaker
A relatively new discipline, motion graphics began with
1 anos atrás . por EnhancedSolitude
A policy loan is made possible by
1 anos atrás . por AffirmativeBonus
Its a small world meaning
1 anos atrás . por PollutedTossing
Which of the following nutrients yield energy?
1 anos atrás . por Blue-grayWarmth
What was the significance of the first continental congress in 1774?
1 anos atrás . por AtmosphericTyrant
When was Fairfield CA founded?
1 anos atrás . por IntermediateApparatus
When assessing the intensity of a patients pain, which question by the nurse is appropriate
1 anos atrás . por Door-to-doorHamburger
How many liters of water must be added to 16 liters of milk and water contains 10% water to make it 20% water in it?
1 anos atrás . por BogusMorale
How many spectral lines are obtained when an electron drops from 4th Shell to ground shell?
1 anos atrás . por BadAllegiance

Toplistas

#1
Top 8 mensagem de 30 anos de aniversário 2022
2 anos atrás
#2
Top 7 jogo do bicho palpite do dia de hoje 2022
2 anos atrás
#3
Top 7 melhor comprimido para dor de cabeça 2022
2 anos atrás
#4
Top 6 explique a influência da corrente do golfo no atlântico norte sobre a europa ocidental 2022
1 anos atrás
#5
Top 7 como é o nome da música 2022
2 anos atrás
#6
Top 7 cloridrato de meclizina para que serve 2022
2 anos atrás
#7
Top 4 existe outra regionalização que é utilizado para dividir o país em três partes 2022
1 anos atrás
#8
Top 7 500g de presunto preço 2022
2 anos atrás
#9
Top 8 o país que mais emite gases de efeito estufa atualmente é há uma grande probabilidade 2022
1 anos atrás
#10
Top 8 um elemento químico da família dos halogênios (7 elétrons na camada de valência) 2022
1 anos atrás

Publicidade

Populer

Token Data

Publicidade

Sobre

Jurídica

Ajuda

Social

homeendefrjakoptzhhi
direito autoral © 2024 cemle Inc.