nerdexam
ExamsCCSPQuestions#251
(ISC)2(ISC)2

CCSP · Question #251

CCSP Question #251: Real Exam Question with Answer & Explanation

The correct answer is B: User satisfaction. Audits are conducted for regulatory compliance, service quality determination, and security assurance, but not for measuring user satisfaction.

Submitted by chiamaka_o· Apr 18, 2026Legal, Risk and Compliance

Question

Which of the following is not a reason for conducting audits?

Options

  • ARegulatory compliance
  • BUser satisfaction
  • CDetermination of service quality
  • DSecurity assurance

Explanation

Audits are conducted for regulatory compliance, service quality determination, and security assurance, but not for measuring user satisfaction.

Common mistakes.

  • A. Regulatory compliance is a primary driver for audits, ensuring an organization meets legal and industry-specific requirements.
  • C. Audits can assess the effectiveness and quality of services by reviewing processes, controls, and performance metrics.
  • D. Security assurance is a key reason for audits, verifying that security controls are in place and effective in protecting information assets.

Concept tested. Purposes of IT audits

Reference. https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final

Topics

#Audits#Audit objectives#Regulatory compliance#Security assurance

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CCSP PracticeBrowse All CCSP Questions