Free Access ISACA.CISA.v2026-02-11.q999 Practice Test (Page 172)

Question 851

During a change management audit, an IS auditor identifies that some changes were implemented in the production environment without user acceptance testing (UAT). Which of the following is the auditor's BEST course of action?

A.Document the finding and explain the risk of implementing changes without appropriate testing.

B.Postpone the audit until adequate UAT can be performed.

C.Perform post-implementation testing to verify that the changes do not impact financial data.

D.Recommend the IT manager roll back the changes and continue with the audit.

Question 852

Disaster recovery planning (DRP) for a company's computer system usually focuses on:

A.operations turnover procedures.

B.strategic long-range planning.

C.the probability that a disaster will occur.

D.alternative procedures to process transactions.

Question 853

When reviewing an organization's strategic IT plan an IS auditor should expect to find:

A.an assessment of the fit of the organization's application portfolio with business objectives.

B.actions to reduce hardware procurement cost.

C.a listing of approved suppliers of IT contract resources.

D.a description of the technical architecture for the organization's network perimeter security.

Question 854

During the discussion of a draft audit report, IT management provided suitable evidence that a process has been implemented for a control that had been concluded by the IS auditor as ineffective. Which of the following is the auditor's BEST action?

A.Explain to IT management that the new control will be evaluated during follow-up.

B.Re-perform the audit before changing the conclusion.

C.Add comments about the action taken by IT management in the report.

D.Change the conclusion based on evidence provided by IT management.

Question 855

Which of the following is the BEST indication of effective governance over IT infrastructure?

A.A decrease in the number of information security incidents

B.An increase in the number of IT infrastructure servers

C.A requirement for annual security awareness programs

D.The ability to deliver continuous, reliable performance

Other Version: 6252ISACA.CISA.v2026-01-26.q999; 9835ISACA.CISA.v2025-05-24.q773; 3456ISACA.CISA.v2024-10-22.q310; 7867ISACA.CISA.v2023-10-02.q715; 4894ISACA.CISA.v2023-03-29.q119; 3745ISACA.CISA.v2023-02-09.q181; 2303ISACA.CISA.v2023-02-06.q107; 3837ISACA.CISA.v2022-08-28.q129; 5294ISACA.CISA.v2022-02-25.q148; 130ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 6979ISACA.CISA.v2021-11-11.q194; 10483ISACA.CISA.v2021-10-08.q198; 11550ISACA.CISA.v2021-09-28.q199; 13794ISACA.CISA.v2021-09-11.q201

Latest Upload: 282PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 412Nokia.4A0-113.v2026-05-01.q69; 440EC-COUNCIL.312-49v11.v2026-04-30.q214; 403Microsoft.MB-820.v2026-04-30.q101; 274Salesforce.MC-202.v2026-04-30.q57; 322BICSI.INSTC_V8.v2026-04-29.q53; 457NMLS.MLO.v2026-04-28.q82; 299NCARB.Project-Management.v2026-04-28.q27; 547EMC.D-AV-DY-23.v2026-04-27.q184; 1388ServiceNow.CSA.v2026-04-27.q483

Question 851

Question 852

Question 853

Question 854

Question 855

Download PDF File