ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 1386 discussion

Actual exam question from Isaca's CISA
Question #: 1386
Topic #: 1
[All CISA Questions]

An IS auditor is planning an audit of an organization's risk management practices. Which of the following would provide the MOST useful information about risk appetite?

  • A. Prior audit reports
  • B. Risk policies
  • C. Management assertion
  • D. Risk assessments
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Swallows at May 26, 2024, 12:36 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Swallows
1 month, 2 weeks ago
Selected Answer: B
Risk policies are specifically crafted to define an organization's risk appetite and tolerance levels. They outline the acceptable level of risk the organization is willing to take to achieve its objectives. Reviewing risk policies provides clear insight into the organization's stance on risk and helps establish guidelines for risk-taking activities across different departments and functions. Therefore, examining risk policies would offer the most useful information about risk appetite during the audit process.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago