Free Access ISACA.CISA.v2025-05-24.q773 Practice Test (Page 43)

Question 206

Which of the following should be an IS auditor's PRIMARY focus when evaluating the response process for cyber crimes?

A.Root cause analysis

B.Evidence collection

C.Notification to regulators

D.Communication with law enforcement

Question 207

An audit report that specifies responsibility for the closure of noncompliance issues is BEST enhanced by including:

A.detailed mitigating steps.

B.a list of audit staff who will oversee remediation.

C.cost estimates for remediation.

D.target dates for remediation.

Question 208

During a pre-deployment assessment, what is the BEST indication that a business case will lead to the achievement of business objectives?

A.The business case reflects stakeholder requirements.

B.The business case is based on a proven methodology.

C.The business case passed a quality review by an independent party.

D.The business case identifies specific plans for cost allocation.

Correct Answer: A

During a pre-deployment assessment, the best indication that a business case will lead to the achievement of business objectives is that the business case reflects stakeholder requirements. A business case is a document that explains the rationale, benefits, costs, and risks of a proposed project or initiative. A business case should align with the strategic goals and vision of the organization and address the needs and expectations of the stakeholders who are involved in or affected by the project12.
Stakeholder requirements are the conditions or capabilities that stakeholders expect from a project or its outcomes. Stakeholders can include customers, users, employees, managers, suppliers, regulators, and others who have an interest or stake in the project. Stakeholder requirements should be identified, analyzed, prioritized, validated, and documented throughout the project lifecycle34.
The business case should reflect stakeholder requirements because they provide the basis for defining the project scope, objectives, deliverables, quality standards, success criteria, and benefits realization. By reflecting stakeholder requirements, the business case can demonstrate how the project will add value to the organization and its stakeholders, justify the investment and resources required for the project, and facilitate the decision-making and approval process for the project5 .
Therefore, during a pre-deployment assessment, an IS auditor should look for evidence that the business case reflects stakeholder requirements as the best indication that the business case will lead to the achievement of business objectives.
References:
* How to Write a Business Case (Template Included) - ProjectManager
* How to Write a Business Case | Smartsheet
* What are Stakeholder Requirements? | PM Study Circle
* Stakeholder Requirements - Project Management Knowledge
* Business Case vs Business Requirements - Difference Between
* [Business Case Development - Project Management Docs]

Question 209

Which of the following is a substantive test procedure?

A.Using audit software to verify the total of an accounts receivable file

B.Observing that user IDs and passwords are required to sign on to the online system

C.Test of invoice calculation process

D.Verifying that appropriate approvals are documented in a sample of program changes

Question 210

An organization's IT security policy states that user ID's must uniquely identify individual's and that user should not disclose their passwords. An IS auditor discovers that several generic user ID's are being used. Which of the following is the MOST appropriate course of action for the auditor/

A.Include the finding in the final audit report.

B.Investigate the noncompliance.

C.Recommend a change in security policy.

D.Recommend disciplinary action.

Other Version: 1635ISACA.CISA.v2024-10-22.q310; 4137ISACA.CISA.v2023-10-02.q715; 3741ISACA.CISA.v2023-03-29.q119; 2398ISACA.CISA.v2023-02-09.q181; 1498ISACA.CISA.v2023-02-06.q107; 3051ISACA.CISA.v2022-08-28.q129; 4218ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5623ISACA.CISA.v2021-11-11.q194; 8827ISACA.CISA.v2021-10-08.q198; 9801ISACA.CISA.v2021-09-28.q199; 12255ISACA.CISA.v2021-09-11.q201

Latest Upload: 104Oracle.1z0-1196-25.v2025-09-12.q18; 103NetworkAppliance.NS0-162.v2025-09-12.q86; 144OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 180TheSecOpsGroup.CNSP.v2025-09-08.q20; 254CFAInstitute.ESG-Investing.v2025-09-08.q173; 238PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 206

Question 207

Question 208

Question 209

Question 210

Download PDF File