Certified Information Systems Auditor (CISA) — Question 1305

An IT governance body wants to determine whether IT service delivery is based on consistently effective processes. Which of the following is the BEST approach?

Answer options

• A. Develop a maturity model.
• B. Evaluate key performance indicators (KPIs).
• C. Conduct a gap analysis.
• D. Implement a control self-assessment (CSA).

Correct answer: A

Explanation

Creating a maturity model is the best approach as it provides a structured framework to evaluate the effectiveness and maturity of processes over time. Evaluating KPIs, conducting a gap analysis, and implementing a CSA are valuable but don't offer the comprehensive assessment of process maturity that a maturity model does.