ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 1656 discussion

Actual exam question from Isaca's CISA
Question #: 1656
Topic #: 1
[All CISA Questions]

What is the BEST way to identify unforeseen risk that may impact IT processes?

  • A. Review metrics and historical incident response reports.
  • B. Perform application control self-assessments (CSAs).
  • C. Assess IT policies and procedures.
  • D. Conduct a threat and vulnerability analysis.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by 46080f2 at April 1, 2025, 11:38 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
46080f2
2 days, 21 hours ago
Selected Answer: D
Threat and vulnerability analysis (D) addresses both existing vulnerabilities (e.g., unpatched systems) and potential threats (e.g., new attack techniques), aligning with the materials' focus on proactive risk identification. Historical data (A) and policy reviews (C) are reactive, while CSAs (B) validate controls rather than discover risks.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago