Isaca Certification CISA Full Course Free

Comprehensive and Detailed Step-by-Step Explanation:

AnIT strategymust bealigned with business objectives, not solely based onmarket trends.

Strategic IT Goals Derived Solely from Market Trends (Correct Answer – D)

IT strategy should supportorganizational goals, not justfollow industry trends.

Example:A company investing inAIjust because it’strendy, without considering business needs.

Previous Year’s IT Goals Not Achieved (Incorrect – A)

A concern, butdoes not indicate a fundamental strategy flaw.

Target Architecture Defined at a Technical Level (Incorrect – B)

Technical details are important for implementation.

Financial Estimates Included (Incorrect – C)

Cost transparency is agood practice.

Comprehensive and Detailed Step-by-Step Explanation:

Theprimary roleof an internalIS audit functionis to provideindependent assuranceonrisk management, internal controls, and governance processes.

Option A (Incorrect):While audits may identifycontrol improvements, they donot initiate changes; management is responsible for implementation.

Option B (Incorrect):Compliance audits arepartof IS auditing, but the main focus isassurance on risk and controls, not just compliance.

Option C (Incorrect):Best practices and standards reviews are useful, but theydo not definethecore objectiveof an internal audit.

Option D (Correct):The internal audit function'smain goalis toassess and assurethe effectiveness of an organization’srisk management and internal controls.

The IS auditor should be most concerned if completeness testing has not been performed on the log data, as this could indicate that some logs are missing, corrupted, or tampered with, and that the log aggregation system is not reliable or accurate12. Completeness testing is a process of verifying that all the logs generated by the source systems are successfully collected, transferred, and stored by the log aggregation system, and that there are no gaps or inconsistencies in the log data34. Completeness testing is essential for ensuring the integrity and validity of the log data, and for supporting the risk management practices of the organization.

References

1: Log Aggregation: How it Works, Methods, and Tools - Exabeam2 2: Log Aggregation & Monitoring Relation in Cybersecurity4 3: Log Aggregation: What It Is & How It Works | Datadog3 4: Data Flow Testing - GeeksforGeeks1