ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 780 discussion

Actual exam question from Isaca's CISA
Question #: 780
Topic #: 1
[All CISA Questions]

What is the GREATEST concern for an IS auditor reviewing contracts for licensed software that executes a critical business process?

  • A. An operational level agreement (OLA) was not negotiated.
  • B. Software escrow was not negotiated.
  • C. The contract does not contain a right-to-audit clause.
  • D. Several vendor deliverables missed the commitment date.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by shiowbah at Nov. 22, 2023, 12:52 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
9967be3
6 days, 3 hours ago
Selected Answer: B
Option B as it reffers to business continuity risk: If the vendor goes bankrupt or stops support, the organization loses access to source code (needed for maintenance/updates) and documentation (required for troubleshooting). There is no option to fallback as well. Escrow prevents existential threats.
upvoted 1 times
...
KAP2HURUF
9 months, 3 weeks ago
Selected Answer: B
Option B, "Software escrow was not negotiated," is indeed a significant concern for an IS auditor reviewing contracts for licensed software that executes a critical business process. Software escrow is essential because it ensures that the organization can access the source code and other critical materials necessary to maintain and support the software in case the vendor goes bankrupt or fails to fulfill its obligations.
upvoted 2 times
...
Infysenthil
9 months, 4 weeks ago
I think Escrow is the right answer. Question is related to "Software" license contract for a critical process. Right to audit may be the right answer for outsourced services..
upvoted 2 times
...
Swallows
11 months, 1 week ago
Selected Answer: C
A right-to-audit clause allows the organization to conduct audits of the software vendor's performance, including verifying compliance with licensing terms, security standards, and service level agreements. For software that executes critical business processes, ensuring compliance with licensing terms and the reliability of the software is paramount. Without a right-to-audit clause, the organization may lack the ability to verify the vendor's performance, potentially exposing it to risks such as non-compliance, security vulnerabilities, or service disruptions. While software escrow (option B) is also important for mitigating risks associated with vendor non-performance, the absence of a right-to-audit clause presents a more significant concern as it directly impacts the organization's ability to verify and enforce contractual obligations and ensure the integrity of critical business processes.
upvoted 2 times
...
a84n
1 year ago
Selected Answer: C
Answer C In the context of reviewing contracts for licensed software, the primary concern is often ensuring that the organization has the necessary rights and mechanisms to monitor and enforce compliance with the terms of the software license agreement. This includes verifying that the organization has the right to audit the vendor's compliance with the terms of the contract, which is typically addressed through a right-to-audit clause.
upvoted 1 times
...
shiowbah
1 year, 5 months ago
C. The contract does not contain a right-to-audit clause.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago