CISA Domain 3B Practice Test 001

This practice test covers Domain 3 (Information Systems Acquisition, Development & Implementation) Subdomain B (Information Systems Implementation) from the CISA exam content outline.

These questions are inspired by the ISACA CISA exam and are designed to help you test your knowledge of information systems auditing, governance, risk management, IT operations, business resilience, and information asset protection.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the audit judgment, control evaluation, and risk-based decision-making skills tested in the CISA exam.

Note: CISA and Certified Information Systems Auditor are registered trademarks of ISACA. This content is not affiliated with or endorsed by ISACA.

To choose CISA practice tests based on specific domains and subdomains, click that link.

CISA Practice Test — 3B (Information Systems Implementation)
10 questions • Single best answer
Question 1
During a go-live readiness review of a hospital's new electronic health record system, an IS auditor finds that several critical defects logged during user acceptance testing remain open, yet the implementation date has not been changed. Which of the following should be the auditor's MOST significant concern about the planned deployment?
    Question 2
    A manufacturing company is converting master and transactional data from a legacy system into a new ERP platform. After the load, record counts match but users report incorrect supplier balances. Which of the following should the IS auditor recommend as the MOST effective control to prevent this type of conversion error?
      Question 3
      Six months after a retailer implemented a new point-of-sale system, an IS auditor is conducting a post-implementation review. Management states the project was a success because it was delivered on time and within budget. Which of the following would provide the BEST evidence that the implementation actually delivered its intended value?
        Question 4
        An IS auditor is reviewing release management for a bank's new loan origination application scheduled for production deployment. The auditor notes that developers can move their own code directly into the production environment. Which of the following is the auditor's MOST appropriate recommendation to strengthen this process?
          Question 5
          A government agency is preparing to migrate its tax processing system to new infrastructure over a weekend cutover. During the readiness review, the IS auditor observes that no documented fallback procedure exists if the migration fails. Which of the following should the auditor identify as the MOST significant risk of proceeding?
            Question 6
            During implementation testing of a new insurance claims platform, an IS auditor reviews the user acceptance testing sign-off. Business users approved the system despite a test log showing that 15 percent of test cases were not executed. Which of the following should the auditor do FIRST?
              Question 7
              An organization used a parallel run to implement a new payroll system, operating the old and new systems simultaneously for two pay cycles. The IS auditor is evaluating the results. Which of the following provides the BEST assurance that the new payroll system is functioning correctly?
                Question 8
                A cloud migration review at a logistics firm finds that the new production environment was deployed using configuration settings copied from a developer's local environment rather than an approved baseline. Which of the following is the IS auditor's MOST significant concern regarding this deployment approach?
                  Question 9
                  An IS auditor is performing a post-implementation review of a customer relationship management system deployed three months ago. The auditor wants to assess whether the application controls designed during the project are operating as intended. Which of the following audit procedures would be MOST appropriate for this objective?
                    Question 10
                    A financial institution deployed a new online banking release, but shortly after go-live customers reported failed transactions. Investigation showed the release was promoted to production without the tested database update script. Which of the following controls would MOST effectively prevent recurrence of this type of release failure?

                      Leave a Comment

                      Your email address will not be published. Required fields are marked *

                      Scroll to Top