hiexam
isaca · CISA · Q428 · multiple_choice · topic_1

Which of the following observations noted by an IS auditor reviewing internal IT standards is MOST important to address?

Which of the following observations noted by an IS auditor reviewing internal IT standards is MOST important to address?
  • A.The standards have no reference to an industry-recognized framework.
  • B.The standards are not detailed in policies and procedures.
  • C.The standards are not readily available to organization-wide users.
  • D.The standards have not been revised within the last year.
Explanation
Selected Answer: B The effectiveness of IT standards largely depends on how well they are integrated into the organization's policies and procedures. Standards need to be clearly defined and detailed in the organization's policies and procedures to ensure they are understood, implemented, and enforced consistently. Without this detail, there can be a lack of clarity and uniformity in how the standards are applied, leading to potential gaps in compliance, security, and overall IT governance.

Reference: examtopics_top_comment

Practice with progress tracking

Sign in to track wrong answers, get spaced-repetition reminders, and run timed exam mode.

Start tracked practicePricing