# CISA — Question 428

**Type:** multiple_choice
**Topics:** topic_1

## Question

Which of the following observations noted by an IS auditor reviewing internal IT standards is MOST important to address?

## Correct Answer

_See scenario._

## Explanation

Selected Answer: B
The effectiveness of IT standards largely depends on how well they are integrated into the organization's policies and procedures. Standards need to be clearly defined and detailed in the organization's policies and procedures to ensure they are understood, implemented, and enforced consistently. Without this detail, there can be a lack of clarity and uniformity in how the standards are applied, leading to potential gaps in compliance, security, and overall IT governance.

**Reference:** examtopics_top_comment

---
Source: https://hiexam.net/q/isaca/CISA/428  
Practice (tracked): https://hiexam.net/study/CISA/practice