Free Isaca CISA Exam Questions

Become Isaca Certified with updated CISA exam questions and correct answers

Page: 1 / 305

Total 1524 Questions | Updated On: Mar 28, 2025

Add To Cart

Question 1

Which of the following is the BEST way for an organization that is using a Software as a Service (SaaS) application to reduce its risk associated with the collection and protection of personal information?

A : mit the amount of personal information collected to industry standards

B : crypt personal information held by the organization

C : mit the amount of personal information collected to the minimum required.

D : ly allow remote access to personal information from an alternate site.

Answer: C

Question 2

When assessing the quality of personnel data, an IS auditor finds that the data values reconcile to values outside of the database and logical access is appropriately restricted. Which of the following should also be reviewed to provide a comprehensive assessment of the data quality?

A : Whether the data can be used in the correct context

B : Whether the data is classified appropriately

C : Whether procedures for using the database are followed

D : Whether users are appropriately trained

Answer: A

Question 3

Which of the following issues associated with a data center's closed circuit television (CCTV) surveillance cameras should be of MOST concern to an IS auditor?

A : TV recordings are not regularly reviewed.

B : TV records are deleted after one yea.

C : TV footage is not recorded 24 x 7.

D : TV cameras are not installed in break rooms.

Answer: A

Question 4

An organization has shifted from a bottom-up approach to a top-down approach in the development of IT policies. This should result in:

A : eater consistency across the organization

B : eater adherence to best practices

C : more comprehensive risk assessment plan

D : ynthesis of existing operational policies

Answer: B

Question 5

During an information security review, an IS auditor learns an organizational policy requires all employees to attend information security training during the first week of each new year What is the auditor's BEST recommendation to ensure employees hired after January receive adequate guidance regarding security awareness?

A : quire management of new employees to provide an overview of security

B : vise the policy to require security training every six months for all employees

C : ure new employees read and sign acknowledgment of the acceptable use policy

D : vise the policy to include security training during onboarding

Answer: D

Page: 1 / 305

Total 1524 Questions | Updated On: Mar 28, 2025

Add To Cart