Exam CISA Topic 1 Question 477 Discussion
Actual exam question for ISACA's CISA exam
Question #: 477
Topic #: 1
Question #: 477
Topic #: 1
An IS auditor evaluating logical access controls should FIRST:
Suggested Answer: D Vote an answer
When evaluating logical access controls, an IS auditor should first obtain an understanding of the security risks facing information processing by reviewing relevant documentation, by inquiries, and by conducting a risk assessment. Documentation andevaluation is the second step in assessing the adequacy, efficiency and effectiveness, thus identifying deficiencies or redundancy in controls. The third step is to test the access paths-to determine if the controls are functioning. Lastly, thelS auditor evaluates the security environment to assess its adequacy by reviewing the written policies, observing practices and comparing them to appropriate security best practices.
by Elvis at Jul 10, 2026, 05:00 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).