Free ISACA CISA Exam Dumps Questions & Answers


Exam Code/Number:	CISAJoin the discussion
Exam Name:	Certified Information Systems Auditor
Certification:	ISACA
Question Number:	1435
Publish Date:	Jan 12, 2026
Rating 100%

Page: 1 / 287
Total 1435 questions

Question 1

Which of the following should be of GREATEST concern to an IS auditor assessing an organization's patch management program?

A. There is no process in place to quarantine servers that have not been patched.
B. There is no process in place to scan the network to identify missing patches.
C. Patches for medium- and low-risk vulnerabilities are omitted.
D. Patches are deployed from multiple deployment servers.

Question 2

Which of the following be of GREATEST concern to an IS auditor reviewing on-site preventive maintenance for an organization's business-critical server hardware?

A. Preventive maintenance has not been approved by the information system
B. Preventive maintenance is outsourced to multiple vendors without requiring nondisclosure agreements (NDAs)
C. The preventive maintenance schedule is based on mean time between failures (MTBF) parameters.
D. Preventive maintenance costs exceed the business allocated budget.

Question 3

An IS auditor is reviewing the system development practices of an organization that is about to move from a Waterfall to an Agile approach. Which of the following is MOST important for the auditor to focus on as a result of this move?