IT Service Delivery — CISA Practice Questions

Learning

Loading practice session...

Loading certificate…

Ready to learn

Sample questions — IT Service Delivery

1. Performance of a third party should be compared to the agreed-upon service-level metrics and must be

A.Supplied by an independent employee of the service provider
B.Accepted at face value by the customer
C.Reviewed by management✓ Correct
D.Review is not necessary because it is a third party and outside the customer’s control

Explanation

All performance under an SLA must be reviewed by management against agreed service levels.

2. What is the most important responsibility of the IT security person?

A.Controlling and monitoring compliance to data security policies✓ Correct
B.Promoting security awareness within the organization
C.Establishing procedures for IT and reviewing for legal accuracy
D.Assisting in system administration of the servers and database

Explanation

The IT security person’s primary role is to control and monitor compliance to data security policies.

3. Segregation of duties may not be practical in a small environment. A single employee may be performing the combined functions of server operator and application programmer. The IS auditor should recommend controls for which of the following?

A.Automated logging of changes made to development libraries
B.The hiring of additional technical staff to force segregation of duties
C.Preventing the operator login ID from making program modifications
D.Procedures verifying that only approved program changes are implemented✓ Correct

Explanation

Compensating controls like verifying only approved program changes are implemented mitigate SoD issues.

4. What are the four basic types of metrics that can be used to measure IT performance?

A.Efficiency, implementation, impact, effectiveness✓ Correct
B.Cost, quantifiable, qualitative, historical
C.Process control, compliance, efficiency, cost
D.Service definition, performance goal, cost, effectiveness

Explanation

The four basic IT performance metrics are efficiency, implementation, impact, and effectiveness.

5. What type of control is representative of exception reporting?

A.Processing✓ Correct
B.Output
C.Database integrity
D.Service level

Explanation

Exception reporting is a processing control used to identify and handle input errors before processing.

Practice all 35+ questions in this domain

Start free practice →

Frequently asked questions

How many CISA practice questions are there for IT Service Delivery?↓

AnyCert has 35 CISA practice questions specifically for the IT Service Delivery domain, each with a detailed AI-tutored explanation.

Is IT Service Delivery heavily tested on the CISA exam?↓

IT Service Delivery is one of the core domains in the CISA exam blueprint. Mastering this domain is essential for passing. AnyCert's practice questions cover the full scope of testable topics in this domain.

How should I study the IT Service Delivery domain for CISA?↓

Practice all 35 IT Service Delivery questions in AnyCert, review every explanation for missed answers, and use the AI tutor to clarify any concept. Focus on understanding the reasoning behind each answer, not just memorizing the correct choice.

Sample questions — IT Service Delivery

1. Performance of a third party should be compared to the agreed-upon service-level metrics and must be

A.Supplied by an independent employee of the service provider
B.Accepted at face value by the customer
C.Reviewed by management✓ Correct
D.Review is not necessary because it is a third party and outside the customer’s control

Explanation

All performance under an SLA must be reviewed by management against agreed service levels.

2. What is the most important responsibility of the IT security person?

A.Controlling and monitoring compliance to data security policies✓ Correct
B.Promoting security awareness within the organization
C.Establishing procedures for IT and reviewing for legal accuracy
D.Assisting in system administration of the servers and database

Explanation

The IT security person’s primary role is to control and monitor compliance to data security policies.

A.Automated logging of changes made to development libraries
B.The hiring of additional technical staff to force segregation of duties
C.Preventing the operator login ID from making program modifications
D.Procedures verifying that only approved program changes are implemented✓ Correct

Explanation

Compensating controls like verifying only approved program changes are implemented mitigate SoD issues.

4. What are the four basic types of metrics that can be used to measure IT performance?

A.Efficiency, implementation, impact, effectiveness✓ Correct
B.Cost, quantifiable, qualitative, historical
C.Process control, compliance, efficiency, cost
D.Service definition, performance goal, cost, effectiveness

Explanation

The four basic IT performance metrics are efficiency, implementation, impact, and effectiveness.

5. What type of control is representative of exception reporting?

A.Processing✓ Correct
B.Output
C.Database integrity
D.Service level

Explanation

Exception reporting is a processing control used to identify and handle input errors before processing.

Practice all 35+ questions in this domain

Start free practice →

Frequently asked questions

How many CISA practice questions are there for IT Service Delivery?↓

AnyCert has 35 CISA practice questions specifically for the IT Service Delivery domain, each with a detailed AI-tutored explanation.

Is IT Service Delivery heavily tested on the CISA exam?↓

How should I study the IT Service Delivery domain for CISA?↓