Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. ISACA
  5. CISA

ISACA CISA Exam Questions
Certified Information Systems Auditor (Page 63 )

Updated On: 28-Feb-2026
Page 63 of 366
PDF with 1823 Questions

An organization's enterprise architecture (EA) department decides to change a legacy system's components while maintaining its original functionality. Which of the following is MOST important for an IS auditor to understand when reviewing this decision?

  1. The current business capabilities delivered by the legacy system
  2. The database entity relationships within the legacy system
  3. The proposed network topology to be used by the redesigned system
  4. The data flows between the components to be used by the redesigned system

Answer(s): A



A legacy application is running on an operating system that is no longer supported by the vendor. If the organization continues to use the current application, which of the following should be the IS auditor's GREATEST concern?

  1. Potential exploitation of zero-day vulnerabilities in the system
  2. Inability to update the legacy application database
  3. Increased cost of maintaining the system
  4. Inability to use the operating system due to potential license issues

Answer(s): A



A system development project is experiencing delays due to ongoing staff shortages. Which of the following strategies would provide the GREATEST assurance of system quality at implementation?

  1. Utilize new system development tools to improve productivity.
  2. Deliver only the core functionality on the initial target date.
  3. Implement overtime pay and bonuses for all development staff.
  4. Recruit IS staff to expedite system development.

Answer(s): B



When reviewing past results of a recurring annual audit, an IS auditor notes that findings may not have been reported and independence may not have been maintained. Which of the following IS the auditor's BEST course of action?

  1. Reevaluate internal controls
  2. Re-perform past audits to ensure independence
  3. Inform senior management
  4. Inform audit management

Answer(s): D



An information systems security officer's PRIMARY responsibility for business process applications is to:

  1. create role-based rules for each business process.
  2. approve the organization's security policy.
  3. ensure access rules agree with policies.
  4. authorize secured emergency access.

Answer(s): C



Viewing page 63 of 366
Viewing questions 311 - 315 out of 1823 questions



Post your Comments and Discuss ISACA CISA exam dumps with other Community members:

CISA Exam Discussions & Posts

AI Tutor