Isaca Exam CISA Topic 5 Question 70 Discussion

Actual exam question for Isaca's CISA exam

Question #: 70
Topic #: 5

[All CISA Questions]

An IS auditor is evaluating an organization's IT strategy and plans. Which of the following would be of GREATEST concern?

AThere is not a defined IT security policy.

BThe business strategy meeting minutes are not distributed.

CIT is not engaged in business strategic planning.

DThere is inadequate documentation of IT strategic planning.

Show Suggested Answer

Suggested Answer: A

The best way to prevent fraudulent payments is to implement segregation of duties between the vendor setup and payment processing. Segregation of duties is an important control measure used to mitigate the risks associated with fraud and errors. By separating the processes of vendor setup and payment processing, it ensures that no single individual has control over both activities, and thereby reduces the risk of fraudulent payments. Additionally, other measures such as dual authorization and automated controls can be used to further reduce the risk.

by Lashandra at Feb 08, 2024, 05:33 AM

Limited Time Offer

25%

Off

Get Premium CISA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Barabara

10 days ago

B) The business strategy meeting minutes not being distributed? That's just lazy. How will anyone know what's going on?

upvoted 0 times

...

Selma

11 days ago

Hmm, D) Inadequate documentation of IT strategic planning is a red flag. How will the auditor even evaluate the strategy without proper documentation?

upvoted 0 times

...

Sophia

17 days ago

A) A lack of defined IT security policy is pretty worrying. How can you protect the organization without clear security guidelines?

upvoted 0 times

...

Hildred

18 days ago

C) IT is not engaged in business strategic planning seems like the biggest concern. If IT is not involved, how can they align their plans and investments with the business needs?

upvoted 0 times

...