ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 107 discussion

Actual exam question from Isaca's CISA
Question #: 107
Topic #: 1
[All CISA Questions]

Which task should an IS auditor complete FIRST during the preliminary planning phase of a database security review?

  • A. Determine which databases will be in scope.
  • B. Identify the most critical database controls.
  • C. Evaluate the types of databases being used.
  • D. Perform a business impact analysis (BIA).
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by MohamedAbdelaal at April 26, 2023, 12:41 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Swallows
1 month, 1 week ago
Selected Answer: C
Understanding the types of databases being used within the organization provides essential context for planning the review. This includes identifying the databases' platforms, vendors, versions, and configurations. Such information is crucial for determining the scope of the review (Option A), as it helps the auditor understand the potential risks and vulnerabilities associated with each type of database.
upvoted 1 times
...
5b56aae
2 months, 3 weeks ago
Selected Answer: A
A for me
upvoted 1 times
...
MJORGER
4 months ago
C. Evaluate the types of databases being used. CISA Study Guide 27th: Tycpical Audit Process Steps bys Phase Planning Phase (Determine audit subject --> Define audit objective --> Set audit scope...)
upvoted 3 times
...
crowsaint
9 months, 4 weeks ago
Selected Answer: A
Setting scope is very important. After deciding on the scope, you need to find the important databases within the scope. Databases outside the scope are not important.
upvoted 4 times
...
MohamedAbdelaal
1 year, 2 months ago
Selected Answer: C
I think we need first to assess the database used, then and based on the criticality, the scope of database shall be determined
upvoted 2 times
cidigi
11 months ago
lets say they use DB A, B , X , D, F. What does it matter if in scope is only A and X for exaple?
upvoted 1 times
...
SBD600
1 year, 2 months ago
During the preliminary planning phase of a database security review, an IS auditor should first determine which databases will be in scope. This allows the auditor to focus their efforts on the specific databases that are relevant to the organization's security posture and objectives.
upvoted 8 times
ChaBum
4 months, 2 weeks ago
before looking at which databases will be in scope, first understand the types of databases being used.
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago