Certified Information Systems Auditor (CISA) — Question 1021

Which of the following BEST enables an organization to balance value delivery and risk management?

Answer options

• A. Utilizing an IT governance framework
• B. Executing gap assessments against a capability maturity model
• C. Performing risk assessments
• D. Developing dashboards and management reporting

Correct answer: A

Explanation

The correct answer is A, as an IT governance framework provides structured guidelines for aligning IT objectives with business goals while managing risks. Options B and C focus more on specific assessments rather than an overarching strategy, and option D relates to reporting rather than balancing value and risk directly.