Quiz CISA

Quiz CISA, Certified Information Systems Auditor

Which of the following does a lack of adequate security controls represent?

Assessing IT risks is BEST achieved by:

This is an example of risk:

A poor choice of passwords and transmission over unprotected communications lines are examples of:

An IS auditor reviewing the risk assessment process of an organization should FIRST:

Measures of security risk should:

Which of the following should be considered FIRST when implementing a risk management program?

As a driver of IT governance, transparency of IT’s cost, value and risks is primarily achieved through:

Which of the following should be the MOST important consideration when deciding areas of priority for IT governance implementation?

The PRIMARY benefit of implementing a security program as part of a security governance framework is the: