Free Access ISACA.CISA.v2026-02-11.q999 Practice Test (Page 184)

Question 911

Following an IS audit, which of the following types of risk would be MOST critical to communicate to key stakeholders?

A.Audit

B.Inherent

C.Residual

D.Control

Question 912

A financial services organization is developing and documenting business continuity measures. In which of the following cases would an IS auditor MOST likely raise an issue?

A.The organization uses good practice guidelines instead of industry standards and relies on external advisors to ensure the adequacy of the methodology.

B.The business continuity capabilities are planned around a carefully selected set of scenarios which describe events that might happen with a reasonable probability.

C.The recovery time objectives (RTOs) do not take IT disaster recovery constraints into account, such as personnel or system dependencies during the recovery phase.

D.The organization plans to rent a shared alternate site with emergency workplaces which has only enough room for half of the normal staff.

Question 913

.An advantage of a continuous audit approach is that it can improve system security when used in time-sharing environments that process a large number of transactions. True or false?

A.True

B.False

Question 914

In a typical system development life cycle (SDLC), which group is PRIMARILY responsible tor confirming compliance with requirements?

A.Internal audit

B.Risk management

C.Steering committee

D.Quality assurance (QA)

Question 915

An organization globally distributes a free phone application that includes a module to gather and report user information. The application includes a privacy notice altering users to the data gathering. Which of the following presents the GREATEST risk?

A.There is no framework to delete personal data

B.The data is not properly encrypted on the application server

C.There may be a backlash among users when the data gathering is revealed

D.The data gathering notice is available in only one language

Other Version: 5724ISACA.CISA.v2026-01-26.q999; 9530ISACA.CISA.v2025-05-24.q773; 3187ISACA.CISA.v2024-10-22.q310; 7453ISACA.CISA.v2023-10-02.q715; 4769ISACA.CISA.v2023-03-29.q119; 3557ISACA.CISA.v2023-02-09.q181; 2208ISACA.CISA.v2023-02-06.q107; 3732ISACA.CISA.v2022-08-28.q129; 5165ISACA.CISA.v2022-02-25.q148; 127ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 6822ISACA.CISA.v2021-11-11.q194; 10345ISACA.CISA.v2021-10-08.q198; 11418ISACA.CISA.v2021-09-28.q199; 13605ISACA.CISA.v2021-09-11.q201

Latest Upload: 203PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 305Nokia.4A0-113.v2026-05-01.q69; 266EC-COUNCIL.312-49v11.v2026-04-30.q214; 230Microsoft.MB-820.v2026-04-30.q101; 213Salesforce.MC-202.v2026-04-30.q57; 208BICSI.INSTC_V8.v2026-04-29.q53; 340NMLS.MLO.v2026-04-28.q82; 245NCARB.Project-Management.v2026-04-28.q27; 466EMC.D-AV-DY-23.v2026-04-27.q184; 1126ServiceNow.CSA.v2026-04-27.q483

Question 911

Question 912

Question 913

Question 914

Question 915

Download PDF File