Online Access Free ISACA.CISA.v2022-03-29.q126 Practice Test (Page 6)

CISA Exam Question 21

Which of the following should be considered FIRST when implementing a risk management program?

A.An understanding of the organization's threat, vulnerability and risk profile

B.An understanding of the risk exposures and the potential consequences of compromise

C.A determination of risk management priorities based on potential consequences

D.A risk mitigation strategy sufficient to keep risk consequences at an acceptable level

CISA Exam Question 22

Which of the following should be of GREATEST concern to an IS auditor assessing the effectiveness of an organization's vulnerability scanning program?

A.Results are not reported to individuals with authority to ensure resolution.

B.Scans are performed less frequently than required by the organization's vulnerability scanning schedule

C.Results are not approved by senior management.

D.Steps taken to address identified vulnerabilities are not formally documented

CISA Exam Question 23

An IS auditor identifies key controls that have been overridden by management. The next step the IS auditor should take is to

A.Perform procedures to quantify the irregularities

B.Report the absence of key controls to regulators

C.Recommend compensating controls

D.Withdraw from the engagement

CISA Exam Question 24

When reviewing the IT strategic planning process, an IS auditor should ensure that the plan:

A.incorporates state of the art technology.

B.addresses the required operational controls.

C.articulates the IT mission and vision.

D.specifies project management practices.

CISA Exam Question 25

To enable the alignment of IT staff development plans with IT strategy, which of the following should be done FIRST?

A.Identify required IT skill sets that support key business processes.

B.Review IT staffjob descriptions for alignment.

C.Include strategic objectives in IT staff performance objectives.

D.Develop quarterly training for each IT staff member.

Other Version: 735ISACA.CISA.v2025-12-09.q630; 415ISACA.CISA.v2025-12-02.q704; 10536ISACA.CISA.v2025-06-20.q647; 3528ISACA.CISA.v2025-06-11.q606; 3403ISACA.CISA.v2023-03-04.q272; 2651ISACA.CISA.v2022-10-31.q203; 123ISACA.Examprepaway.CISA.v2022-02-10.by.barret.126q.pdf; 9007ISACA.CISA.v2021-11-29.q567; 36ISACA.Actualvce.CISA.v2021-08-31.by.ralap.101q.pdf

Latest Upload: 119SAP.C_BCBAI_2509.v2026-01-15.q13; 188DAMA.DMF-1220.v2026-01-15.q271; 138SAP.C_SIGDA_2403.v2026-01-15.q66; 175ISACA.CRISC.v2026-01-15.q649; 128PaloAltoNetworks.NetSec-Pro.v2026-01-15.q26; 170Splunk.SPLK-1002.v2026-01-14.q121; 170EMC.NCP-AII.v2026-01-14.q144; 164Microsoft.AZ-800.v2026-01-13.q144; 176Microsoft.MS-102.v2026-01-13.q258; 121HP.HPE2-E84.v2026-01-13.q17

CISA Exam Question 21

CISA Exam Question 22

CISA Exam Question 23

CISA Exam Question 24

CISA Exam Question 25

Download PDF File