ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 1725 discussion

Actual exam question from Isaca's CISA
Question #: 1725
Topic #: 1
[All CISA Questions]

During the course of fieldwork, an internal IS auditor observes a critical vulnerability within a newly deployed application. What is the auditor's BEST course of action?

  • A. Document the finding in the report.
  • B. Identify other potential vulnerabilities.
  • C. Notify IT management.
  • D. Report the finding to the external auditors.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Cisagroup at March 13, 2025, 1:26 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
46080f2
1 month, 1 week ago
Selected Answer: C
CISA study guides emphasizes that auditors must "immediately inform the auditee when any high-risk situation is discovered" (Chapter 2, Audit Process).
upvoted 1 times
...
Cisagroup
1 month, 3 weeks ago
Selected Answer: C
A critical vulnerability poses an immediate security risk and should be promptly communicated to IT management so that it can be addressed as soon as possible. The auditor's role is to report risks and ensure timely remediation, rather than waiting until the audit report is finalized.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago