exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam

Exam CISA topic 1 question 1507 discussion

Actual exam question from Isaca's CISA
Question #: 1507
Topic #: 1
[All CISA Questions]

A new regulation has been enacted that mandates specific information security practices for the protection of customer data. Which of the following is MOST useful for an IS auditor to review when auditing against the regulation?

  • A. Compliance gap analysis
  • B. Customer data protection roles and responsibilities
  • C. Customer data flow diagram
  • D. Benchmarking studies of adaptation to the new regulation
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
46080f2
1 month ago
Selected Answer: A
A compliance gap analysis provides the clearest and most direct insight into how well an organization aligns with new regulatory requirements, making it the most useful tool for an IS auditor performing a compliance audit.
upvoted 1 times
...
46080f2
1 month ago
Selected Answer: A
the compliance gap analysis stands out as the most useful item for an IS auditor to review. It provides a clear, targeted assessment of compliance with the regulation’s specific information security requirements, ensuring the auditor can effectively evaluate and address any deficiencies in customer data protection.
upvoted 1 times
...
Swallows
4 months ago
Selected Answer: A
When auditing against a new regulation mandating specific information security practices for the protection of customer data, a compliance gap analysis (option A) is the most useful for an IS auditor to review. A compliance gap analysis involves comparing the organization's current practices and controls against the requirements outlined in the regulation. This allows the auditor to identify any gaps or deficiencies in the organization's compliance with the regulation and assess the extent to which the organization meets the regulatory requirements. By conducting a compliance gap analysis, the auditor can provide valuable insights into areas where the organization needs to improve its information security practices to ensure compliance with the new regulation.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago