Which of the following would an IS auditor consider the MOST relevant to short-term planning for an
IS department?

Which of the following goals would you expect to find in an organization’s strategic plan?

Which of the following would an IS auditor consider to be the MOST important when evaluating an
organization’s IS strategy? That it:

An IS auditor reviewing an organization’s IT strategic plan should FIRST review:

When reviewing IS strategies, an IS auditor can BEST assess whether IS strategy supports the
organizations’ business objectives by determining if IS:

In an organization, the responsibilities for IT security are clearly assigned and enforced and an IT
security risk and impact analysis is consistently performed. This represents which level of ranking in
the information security governance maturity model?

To aid management in achieving IT and business alignment, an IS auditor should recommend the use
of:

When reviewing the IT strategic planning process, an IS auditor should ensure that the plan:

When developing a formal enterprise security program, the MOST critical success factor (CSF) would
be the:

When reviewing an organization’s strategic IT plan an IS auditor should expect to find: