New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca CISA Exam - Topic 5 Question 70 Discussion

Actual exam question for Isaca's CISA exam
Question #: 70
Topic #: 5
[All CISA Questions]

An IS auditor is evaluating an organization's IT strategy and plans. Which of the following would be of GREATEST concern?

Show Suggested Answer Hide Answer
Suggested Answer: A

The best way to prevent fraudulent payments is to implement segregation of duties between the vendor setup and payment processing. Segregation of duties is an important control measure used to mitigate the risks associated with fraud and errors. By separating the processes of vendor setup and payment processing, it ensures that no single individual has control over both activities, and thereby reduces the risk of fraudulent payments. Additionally, other measures such as dual authorization and automated controls can be used to further reduce the risk.


by Lashandra at Feb 08, 2024, 05:33 AM

Limited Time Offer

25%

Off

Get Premium CISA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Dell
3 months ago
Inadequate documentation can lead to major problems too!
upvoted 0 times
...
Lucy
3 months ago
Wait, are we really saying no security policy is the biggest issue?
upvoted 0 times
...
Johnetta
3 months ago
I think not engaging in strategic planning is worse.
upvoted 0 times
...
Nida
4 months ago
Totally agree, no security policy is a huge red flag.
upvoted 0 times
...
Xochitl
4 months ago
A defined IT security policy is a must!
upvoted 0 times
...
Katy
4 months ago
I recall a practice question where the lack of an IT security policy was highlighted as a significant risk. It makes me think that option A could be the right choice here.
upvoted 0 times
...
Allene
4 months ago
I feel like the documentation of IT strategic planning is important, but it might not be as critical as having a solid IT security policy.
upvoted 0 times
...
Elenora
4 months ago
I'm not entirely sure, but I think IT engagement in business strategic planning is crucial. If they're not involved, it could lead to misalignment.
upvoted 0 times
...
Shaquana
5 months ago
I remember we discussed the importance of having a defined IT security policy in class. It seems like that would be a major concern for an IS auditor.
upvoted 0 times
...
Hui
5 months ago
Okay, I've got this. The question is asking about the IT auditor's perspective, so I need to think about what would be the biggest red flag for them in terms of evaluating the organization's IT strategy and plans. I'm leaning towards option C - if IT isn't engaged in the business strategic planning, that seems like a major gap.
upvoted 0 times
...
Ronald
5 months ago
Hmm, this is a tricky one. I'm not entirely sure what the "greatest concern" means in this context. Is it the most critical issue, the one that would have the biggest impact? I'll need to think through each option carefully.
upvoted 0 times
...
Valda
5 months ago
This question seems straightforward - I think the key is to focus on the "greatest concern" part. The options seem to be about different aspects of IT strategy and planning, so I'll need to evaluate which one would be the biggest issue.
upvoted 0 times
...
Lindsey
5 months ago
I'm a bit confused by the wording of this question. What exactly does "greatest concern" mean? Is it the most severe issue, the most likely to cause problems, or something else? I'll need to re-read the options and try to figure out the intent behind the question.
upvoted 0 times
...
Carmelina
5 months ago
I'm feeling pretty confident about this one. The Platform Events approach in A is definitely the way to go. It's the most modern and flexible solution that meets all the requirements. I'll focus on understanding the details of how to implement that.
upvoted 0 times
...
Micheline
5 months ago
I remember that CSR strategies are often linked to brand strength, but I'm not sure if differentiation is also considered a direct benefit.
upvoted 0 times
...
Lavelle
5 months ago
Hmm, I'm a bit confused by the different components and arguments that need to be fixed. I'll need to review the Kubernetes documentation carefully to make sure I understand how to properly configure the API server, Kubelet, and ETCD.
upvoted 0 times
...
Alecia
5 months ago
Hmm, I'm not totally sure about this one. I know information radiators are used in Agile, but I can't remember the exact definition. I'll have to think about this one a bit more.
upvoted 0 times
...
Lisandra
10 months ago
Wait, so IT isn't even involved in business strategy planning? That's like a chef not being in the kitchen - recipe for disaster!
upvoted 0 times
Veronique
9 months ago
C) IT is not engaged in business strategic planning.
upvoted 0 times
...
Bambi
9 months ago
B) The business strategy meeting minutes are not distributed.
upvoted 0 times
...
Gayla
9 months ago
A) There is not a defined IT security policy.
upvoted 0 times
...
...
Barabara
10 months ago
B) The business strategy meeting minutes not being distributed? That's just lazy. How will anyone know what's going on?
upvoted 0 times
Carmela
9 months ago
C) IT is not engaged in business strategic planning.
upvoted 0 times
...
Frederica
9 months ago
B) I agree, it's important to have clear policies in place.
upvoted 0 times
...
Farrah
10 months ago
A) There is not a defined IT security policy.
upvoted 0 times
...
...
Selma
10 months ago
Hmm, D) Inadequate documentation of IT strategic planning is a red flag. How will the auditor even evaluate the strategy without proper documentation?
upvoted 0 times
...
Sophia
11 months ago
A) A lack of defined IT security policy is pretty worrying. How can you protect the organization without clear security guidelines?
upvoted 0 times
...
Hildred
11 months ago
C) IT is not engaged in business strategic planning seems like the biggest concern. If IT is not involved, how can they align their plans and investments with the business needs?
upvoted 0 times
Gilberto
9 months ago
D) There is inadequate documentation of IT strategic planning.
upvoted 0 times
...
Irma
9 months ago
C) IT is not engaged in business strategic planning.
upvoted 0 times
...
Gianna
10 months ago
B) The business strategy meeting minutes are not distributed.
upvoted 0 times
...
Mi
10 months ago
A) There is not a defined IT security policy.
upvoted 0 times
...
...
Barrett
11 months ago
But what about the inadequate documentation of IT strategic planning? That could also lead to issues in the organization's IT strategy.
upvoted 0 times
...
Glennis
11 months ago
I agree with Rory. Without IT being involved in strategic planning, there could be major gaps in the organization's IT strategy.
upvoted 0 times
...
Rory
11 months ago
I think the greatest concern would be if IT is not engaged in business strategic planning.
upvoted 0 times
...

Save Cancel