Exam CISA topic 1 question 928 discussion

Actual exam question from Isaca's CISA
Question #: 928
Topic #: 1

Which of the following should be of GREATEST concern to an IS auditor assessing the effectiveness of an organization’s vulnerability scanning program?

  • A. Scans are performed less frequently than required by the organization’s vulnerability scanning schedule.
  • B. Steps taken to address identified vulnerabilities are not formally documented.
  • C. Results are not approved by senior management.
  • D. Results are not reported to individuals with authority to ensure resolution.
Suggested Answer: D

Comments

Swallows
1 month, 2 weeks ago
Selected Answer: D
While the lack of formal documentation for steps taken to address identified vulnerabilities (Option B) is also a concern, it may not pose as significant a risk as the failure to report results to individuals with authority. Without proper reporting mechanisms in place, vulnerabilities may persist unchecked, leaving the organization exposed to potential security breaches and threats. Therefore, ensuring that results are reported to individuals with authority is the GREATEST concern for an IS auditor assessing the effectiveness of an organization’s vulnerability scanning program.
upvoted 1 times