CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISA—Certified Information Systems Auditor - Part 45
1. Which of the following is necessary for the effective risk management in IT governance?
A) Risk evaluation is embedded in management processes
B) Risk management strategy is approved by the audit committee
C) Local managers are solely responsible for risk evaluation
D) IT risk management is separate from corporate risk management
2. Which of the following should be an IS auditor's PRIMARY consideration when evaluating the development and design of a privacy program?
A) Data governance and data classification procedures
B) Policies and procedures consistent with privacy guidelines
C) Industry practice and regulatory compliance guidance
D) Information security and incident management practices
3. Which of the following is the PRIMARY objective of implementing privacy-related controls within an organization?
A) To identify data at rest and data in transit for encryption
B) To prevent confidential data loss
C) To comply with legal and regulatory requirements
D) To provide options to individuals regarding use of their data
4. An IS audit of an organization's data classification policies finds some areas of the policies may not be up-to-date with new data privacy regulations. What should management do FIRST to address the risk of noncompliance?
A) Conduct a privacy impact assessment to identify gaps
B) Reclassify information based on revised information classification labels
C) Mandate training on the new privacy regulations
D) Perform a data discovery exercise to identify all personal data
5. Which of the following is MOST important to consider when assessing the scope of privacy concerns for an IT project?
A) Applicable laws and regulations
B) End user access rights
C) Business requirements
D) Classification of data
A) Risk evaluation is embedded in management processes
B) Risk management strategy is approved by the audit committee
C) Local managers are solely responsible for risk evaluation
D) IT risk management is separate from corporate risk management
2. Which of the following should be an IS auditor's PRIMARY consideration when evaluating the development and design of a privacy program?
A) Data governance and data classification procedures
B) Policies and procedures consistent with privacy guidelines
C) Industry practice and regulatory compliance guidance
D) Information security and incident management practices
3. Which of the following is the PRIMARY objective of implementing privacy-related controls within an organization?
A) To identify data at rest and data in transit for encryption
B) To prevent confidential data loss
C) To comply with legal and regulatory requirements
D) To provide options to individuals regarding use of their data
4. An IS audit of an organization's data classification policies finds some areas of the policies may not be up-to-date with new data privacy regulations. What should management do FIRST to address the risk of noncompliance?
A) Conduct a privacy impact assessment to identify gaps
B) Reclassify information based on revised information classification labels
C) Mandate training on the new privacy regulations
D) Perform a data discovery exercise to identify all personal data
5. Which of the following is MOST important to consider when assessing the scope of privacy concerns for an IT project?
A) Applicable laws and regulations
B) End user access rights
C) Business requirements
D) Classification of data
1. Right Answer: A
Explanation:
2. Right Answer: C
Explanation:
3. Right Answer: C
Explanation:
4. Right Answer: A
Explanation:
5. Right Answer: A
Explanation:
Explanation:
2. Right Answer: C
Explanation:
3. Right Answer: C
Explanation:
4. Right Answer: A
Explanation:
5. Right Answer: A
Explanation:
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment