Study tips CISA

To evaluate the potential losses, the team should:

Which of the following does a lack of adequate security controls represent?

Assessing IT risks is BEST achieved by:

This is an example of risk:

A poor choice of passwords and transmission over unprotected communications lines are examples of:

An IS auditor reviewing the risk assessment process of an organization should FIRST:

Measures of security risk should:

Which of the following should be considered FIRST when implementing a risk management program?

As a driver of IT governance, transparency of IT’s cost, value and risks is primarily achieved through:

Which of the following should be the MOST important consideration when deciding areas of priority for IT governance implementation?