CISA Question #128: Real Exam Question with Answer & Explanation

Sign in or unlock CISA to reveal the answer and full explanation for question #128. The question stem and answer options stay visible for context.

Submitted by andreas_gr· Apr 18, 2026Governance and Management of IT

Question

Which of the following should be the GREATEST concern to an IS auditor reviewing the information security framework of an organization?

Options

AA list of critical information assets was not included in the information security policy.
BSenior management was not involved in the development of the information security policy.
CThe information security policy is not aligned with regulatory requirements.
DThe information security policy has not been updated in the last two years.

Unlock CISA to see the answer

You've previewed enough free CISA questions. Unlock CISA for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock CISA - $49.99 / 30 days Sign in

Topics

#Information Security Policy#Regulatory Compliance#IT Governance#IS Auditor Concerns

Full CISA Practice Browse All CISA Questions