Free Access to ISACA.CISA.v2024-03-31.q980 with Valid Practice Test (Page 115)

Question 566

Which of the following is the MOST effective mechanism for ensuring that critical IT operational problems are reported to executive management in a timely manner?

A.Service level monitoring
B.Escalation procedures
C.Regular meetings
D.Periodic status reports

Question 567

An IS auditor learns that an in-house system development life cycle (SDLC) project has not met user specifications. The auditor should FIRST examine requirements from which of the following phases?

A.Configuration phase
B.User training phase
C.Quality assurance (QA) phase
D.Development phase

Question 568

During the review of a web-based software development project, an IS auditor realizes that coding standards are not enforced and code reviews are rarely carried out. This will MOST likely increase the likelihood of a successful:

A.buffer overflow.
B.brute force attack.
C.distributed denial-of-service attack.
D.war dialing attack.

Question 569

COBIT 5 separates information goals into three sub-dimensions of quality. Which of the following sub- dimension of COBIT 5 describes the extent to which data values are in conformance with the actual true value?

A.Intrinsic quality
B.Contextual and representational quality
C.Security quality
D.Accessibility quality

Correct Answer: A

Section: Protection of Information Assets
Explanation/Reference:
Explanation:
Three sub-dimensions of quality in COBIT 5 are as follows:
1. Intrinsic quality - The extent to which data values are in conformance with the actual or true values. It includes Accuracy - The extent to which information is correct or accurate and reliable Objectivity - The extent to which information is unbiased, unprejudiced and impartial.
Believability - The extent to which information is regarded as true and credible.
Reputation - The extent to which information is highly regarded in terms of its source or content.
2. Contextual and Representational Quality - The extent to which information is applicable to the task of the information user and is presented in an intelligible and clear manner, reorganizing that information quality depends on the context of use. It includes Relevancy - The extent to which information is applicable and helpful for the task at hand.
Completeness - The extent to which information is not missing and is of sufficient depth and breadth for the task at hand Currency - The extent to which information is sufficiently up to date for task at hand.
Appropriate amount of information - The extent to which the volume of information is appropriate for the task at hand Consistent Representation - The extent to which information is presented in the same format.
Interpretability - The extent to which information is in appropriate languages, symbols and units, with clear definitions.
Understandability - The extent to which information is easily comprehended.
Ease of manipulation - The extent to which information is easy to manipulate and apply to different tasks.
3. Security/accessibility quality - The extent to which information is available or obtainable. It includes:
Availability/timeliness - The extent to which information is available when required, or easily available when required, or easily and quickly retrievable.
Restricted Access - The extent to which access to information is restricted appropriately to authorize parties.
The following were incorrect answers:
Contextual and representational quality - The extent to which information is applicable to the task of the information user and is presented in an intelligible and clear manner, reorganizing that information quality depends on the context of use.
Security Quality or Accessibility quality -The extent to which information is available or obtainable.
Reference:
CISA review manual 2014 Page number 310

Question 570

Which of the following provides the MOST useful information regarding an organization's risk appetite and tolerance?

A.Audit reports
B.Risk profile
C.Risk register
D.Gap analysis

Question 566

Question 567

Question 568

Question 569

Question 570

Download PDF File