Certified Information Systems Auditor (CISA) — Question 1084

Which of the following areas is MOST important for an IS auditor to focus on when reviewing the maturity model for a technology organization?

Answer options

• A. Service level agreements (SLAs)
• B. Standard operating procedures
• C. Roles and responsibility matrix
• D. Business resiliency

Correct answer: D

Explanation

The correct answer, D. Business resiliency, is crucial as it ensures that the organization can withstand and recover from disruptions. While SLAs, standard operating procedures, and the roles and responsibility matrix are important, they do not directly address the organization's ability to maintain operations during adverse conditions, which is central to an effective maturity model.