ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 1808 discussion

Actual exam question from Isaca's CISA
Question #: 1808
Topic #: 1
[All CISA Questions]

An IS auditor is reviewing an organization’s system development life cycle (SDLC). Which of the following MUST be included in the review?

  • A. Ownership of the system quality management plan
  • B. Utilization of standards in the system development processes and procedures
  • C. Validation that system development processes adhere to quality standards
  • D. Definition of quality attributes to be associated with the system
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by blehbleh at Oct. 19, 2024, 1:15 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Cisagroup
4 months, 2 weeks ago
Selected Answer: C
When reviewing an organization’s System Development Life Cycle (SDLC), an IS auditor must ensure that system development processes follow established quality standards (e.g., ISO 9001, CMMI, ITIL, COBIT)
upvoted 1 times
...
46080f2
5 months ago
Selected Answer: C
An IS auditor reviewing an organization’s SDLC must validate that development processes adhere to established quality standards. This involves verifying compliance with documented procedures at each phase of the lifecycle, such as design specifications, testing protocols, and post-implementation controls12. For example, auditors assess whether design documents align with institutional standards, whether testing follows approved methodologies, and whether changes are properly authorized13. While utilization of standards (B) is important, the audit’s critical function is validation (C) to ensure actual adherence rather than mere existence of standards. Quality attributes (D) and ownership details (A) are context-dependent considerations rather than universal requirements for every SDLC review.
upvoted 1 times
...
blehbleh
9 months, 2 weeks ago
I am torn between B and C. If someone can explain why one is correct with evidence that would be helpful.
upvoted 1 times
crackcisa
9 months, 2 weeks ago
Validation that system development processes adhere to quality standards: This is crucial because it ensures that the entire SDLC process is consistently producing high-quality systems. Adherence to quality standards throughout the development process helps in identifying and mitigating issues early, ensuring the final product meets the required quality benchmarks. On the other hand, Utilization of standards in the system focuses on the presence of standards rather than verifying that these standards are actually being followed and implemented correctly.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel