New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca CISA Exam - Topic 6 Question 71 Discussion

Actual exam question for Isaca's CISA exam
Question #: 71
Topic #: 6
[All CISA Questions]

A bank wants to outsource a system to a cloud provider residing in another country. Which of the following would be the MOST appropriate IS audit recommendation?

Show Suggested Answer Hide Answer
Suggested Answer: B

The most appropriate IS audit recommendation for a bank that wants to outsource a system to a cloud provider residing in another country is to ensure the provider's internal control system meets bank requirements. This is because the cloud provider will be handling the bank's data, so it is important to ensure that the provider has appropriate controls in place to protect the data and to ensure its integrity. Additionally, the provider should have policies and procedures in place to ensure the security and privacy of the data, as well as to ensure compliance with applicable laws and regulations. For more information, please refer to the ISACA CISA Study Guide section 4.13.2.2.


by Brock at Mar 07, 2024, 06:19 AM

Limited Time Offer

25%

Off

Get Premium CISA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Mauricio
3 months ago
C sounds risky, laws vary so much!
upvoted 0 times
...
Jutta
3 months ago
D is important too, but internal controls are crucial!
upvoted 0 times
...
Irma
3 months ago
Wait, can we really trust a foreign provider?
upvoted 0 times
...
Tammy
4 months ago
I think A is too extreme, we need to be flexible.
upvoted 0 times
...
Goldie
4 months ago
Option B is definitely the way to go.
upvoted 0 times
...
Emmanuel
4 months ago
I lean towards option B as well. It seems essential for the provider to meet the bank's requirements, especially for security and compliance.
upvoted 0 times
...
Antonio
4 months ago
I’m a bit confused about the legal aspects. I thought option C seemed reasonable since providers must follow laws, but I’m not confident that’s enough.
upvoted 0 times
...
Lorean
4 months ago
I feel like we had a similar question about outsourcing in our practice exam. I think ensuring disaster recovery is crucial, so maybe option D?
upvoted 0 times
...
Elvis
5 months ago
I remember we discussed the importance of internal controls in class. I think option B might be the best choice, but I'm not entirely sure.
upvoted 0 times
...
Georgeanna
5 months ago
The disaster recovery capability is definitely important, but I'm not sure that's the most appropriate recommendation here. I'll have to think this through.
upvoted 0 times
...
Celia
5 months ago
I'm a bit confused on this one. Do we really need to worry about the provider observing all the laws of the client countries? Isn't that their responsibility?
upvoted 0 times
...
Kayleigh
5 months ago
Hmm, I think the key here is ensuring the provider's internal controls meet the bank's requirements. That should be the top priority.
upvoted 0 times
...
Sean
5 months ago
This seems like a tricky one. I'll need to carefully consider the risks of outsourcing to a foreign provider versus finding a local alternative.
upvoted 0 times
...
Keva
5 months ago
This seems like a straightforward question about luggage handling. I'll read through the options carefully and go with the one that best matches the description.
upvoted 0 times
...
Donette
5 months ago
Okay, let's think this through step-by-step. First, we need to find the contribution margin per unit. Then we can use that to calculate the break-even point in units. I think I've got this!
upvoted 0 times
...
Willard
5 months ago
I thought the BOT access token was for bot authentication, so I'm leaning away from that option.
upvoted 0 times
...
Alishia
5 months ago
The key is making sure the support plan provides the access to support engineers that the policy specifies. I'll carefully review the details of each plan to confirm which one best meets that need.
upvoted 0 times
...
Gregg
2 years ago
That's a good point, but I think as long as the provider follows our country's laws, we should be fine.
upvoted 0 times
...
Otis
2 years ago
But shouldn't we also consider finding an alternative provider in our home country for added security?
upvoted 0 times
...
Corrina
2 years ago
I agree with Gregg. It's important to ensure our data is secure.
upvoted 0 times
...
Gregg
2 years ago
I think we should make sure the provider's internal control system meets our requirements.
upvoted 0 times
...

Save Cancel