Isaca Exam CISA Topic 5 Question 66 Discussion

Actual exam question for Isaca's Certified Information Systems Auditor exam

Question #: 66
Topic #: 5

[All Certified Information Systems Auditor Questions]

What should an IS auditor evaluate FIRST when reviewing an organization's response to new privacy legislation?

AImplementation plan for restricting the collection of personal information

BPrivacy legislation in other countries that may contain similar requirements

COperational plan for achieving compliance with the legislation

DAnalysis of systems that contain privacy components

Show Suggested Answer

Suggested Answer: D

This is according to the ISACA's IS Auditing Guideline G14 on Privacy and Data Protection, which states that an IS auditor should first evaluate the organization's ability to identify and assess the systems that contain privacy components, and then review the adequacy of the operational plan for achieving compliance with the legislation.

by Cecily at Oct 07, 2023, 11:31 AM

Limited Time Offer

25%

Off

Get Premium CISA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!