Certified Information Systems Auditor (CISA) — Question 1038

An organization has both an IT strategy committee and an IT steering committee. When reviewing the minutes of the IT steering committee, an IS auditor would expect to find that the committee:

Answer options

• A. acquired and assigned appropriate resources for projects.
• B. compared the risk and return of IT investments.
• C. reviewed the achievement of the strategic IT objective.
• D. assessed the contribution of IT to the business.

Correct answer: A

Explanation

The correct answer is A because the IT steering committee is primarily responsible for overseeing project resources and ensuring they are allocated effectively. Options B, C, and D are more aligned with the broader strategic oversight that would be handled by the IT strategy committee rather than the operational focus of the steering committee.