New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca CISA Exam - Topic 1 Question 33 Discussion

Actual exam question for Isaca's CISA exam
Question #: 33
Topic #: 1
[All CISA Questions]

An IS auditor determines that a business continuity plan has not been reviewed and approved by management. Which of the following is the MOST significant risk associated with this situation?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Mona at May 09, 2022, 11:59 AM

Limited Time Offer

25%

Off

Get Premium CISA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Noe
4 months ago
A could be a problem too, but not as urgent as C.
upvoted 0 times
...
Janna
4 months ago
D seems like a huge oversight, can't believe it wasn't done.
upvoted 0 times
...
Anastacia
4 months ago
Surprised that management hasn't reviewed it at all!
upvoted 0 times
...
Allene
4 months ago
I think B is more critical. Best practices matter!
upvoted 0 times
...
Ilene
5 months ago
C is definitely the biggest risk here.
upvoted 0 times
...
Georgeanna
5 months ago
I recall that risk management review is crucial, but I wonder if the bigger issue is really about critical processes not being addressed. Maybe D isn't the most significant risk after all.
upvoted 0 times
...
Alethea
5 months ago
I practiced a similar question where the focus was on resource constraints. But in this case, I feel like the lack of management review could really impact critical processes, so C seems right.
upvoted 0 times
...
Mattie
5 months ago
I'm not entirely sure, but I think if management hasn't reviewed the plan, it might not align with best practices. That makes me lean towards option B.
upvoted 0 times
...
Carline
5 months ago
I remember we discussed how unapproved plans could lead to critical processes being overlooked. So, I think option C might be the most significant risk.
upvoted 0 times
...
Callie
5 months ago
Hmm, I'm a little unsure about this one. I know we covered the variable levels in class, but I can't quite remember where the env: composer_auth variable would be located. I'll have to think this through carefully.
upvoted 0 times
...
Lavera
5 months ago
I think the key here will be identifying the relationships between the VMs, VNETs, and security groups, and then determining how traffic would be allowed or denied based on those configurations. I'll need to map that out step-by-step.
upvoted 0 times
...
Fernanda
5 months ago
Okay, let's see. The question mentions that the gateway is in Ottawa, Canada and the calling user has a +1613 number. I think the answer has to do with how the calling party number is transformed based on that information.
upvoted 0 times
...
Jarvis
5 months ago
I remember studying the stages of change, and I feel like this could relate to Contemplation too. They might be thinking about exercising more but haven't fully committed yet.
upvoted 0 times
...

Save Cancel