CISA Exam Study Questions

Who is responsible for imposing an IT governance model encompassing IT strategy, information

security, and formal enterprise architectural mandates? - ANS - IT executives and the Board of

Directors

The party that performs strategic planning, addresses near-term and long-term requirements

aligning business objectives, and technology strategies. - ANS - The Steering Committee

What three elements allow validation of business practices against acceptable measures of

regulatory compliance, performance, and standard operational guidelines. - ANS - (1.) Polices

(2.) Procedures (3.) Standards

What activity involves the identification of potential risk and the appropriate response for each

threat based on impact assessment using qualitative and/or quantitative measures for an

enterprise-wide risk management strategy? - ANS - Risk Management

IT Governance is most concerned with.... - ANS - IT Strategy